Description of problem: am-utils' amqsvc_is_client_allowed() (amd/amq_svc.c) is based on good_client() used by nfs-utils and portmap and is affected by similar problems as described here: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-4552#c8 With certain hosts.{allow,deny} rules, expected host access control restrictions may not be applied correctly. The problem does not affect configurations that has deny:ALL and only allow access for specific hosts / networks. Version-Release number of selected component (if applicable): am-utils-6.1.5-14.fc12 Additional info: This was reported upstream (Erez Zadok) some months ago, but got no reply.
(In reply to comment #0) > This was reported upstream (Erez Zadok) some months ago, but got no reply. It's better to use upstream mailing list (am-utils.sunysb.edu) where is some activity in last months.
Can you pass the info to the list? Bug referenced in comment #0 should have enough info about the issues, and the nfs-utils fix should be applicable to am-utils with minimal changes.
(In reply to comment #2) > Can you pass the info to the list? I have sent a patch and all information to the list. We will see...
am-utils-6.1.5-16.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/am-utils-6.1.5-16.fc13
am-utils-6.1.5-16.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update am-utils'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F13/FEDORA-2010-3494
am-utils-6.1.5-16.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.