qpid is vulnerable to authentication bypass attacks. The vulnerability exists as the default configuration for Apache Qpid 0.20 and earlier, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote attackers to bypass authentication and have other unspecified impact via an AMQP request.
rhn.redhat.com/errata/RHSA-2013-0561.html
rhn.redhat.com/errata/RHSA-2013-0562.html
secunia.com/advisories/52516
access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_MRG/2/html/Technical_Notes/RHSA-2013-0561.html
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=678612
bugzilla.redhat.com/show_bug.cgi?id=710787
bugzilla.redhat.com/show_bug.cgi?id=720714
bugzilla.redhat.com/show_bug.cgi?id=737685
bugzilla.redhat.com/show_bug.cgi?id=740485
bugzilla.redhat.com/show_bug.cgi?id=754990
bugzilla.redhat.com/show_bug.cgi?id=773719
bugzilla.redhat.com/show_bug.cgi?id=781496
bugzilla.redhat.com/show_bug.cgi?id=782806
bugzilla.redhat.com/show_bug.cgi?id=783215
bugzilla.redhat.com/show_bug.cgi?id=784957
bugzilla.redhat.com/show_bug.cgi?id=786555
bugzilla.redhat.com/show_bug.cgi?id=790004
bugzilla.redhat.com/show_bug.cgi?id=800912
bugzilla.redhat.com/show_bug.cgi?id=801605
bugzilla.redhat.com/show_bug.cgi?id=804752
bugzilla.redhat.com/show_bug.cgi?id=813742
bugzilla.redhat.com/show_bug.cgi?id=814356
bugzilla.redhat.com/show_bug.cgi?id=834256
bugzilla.redhat.com/show_bug.cgi?id=846465
bugzilla.redhat.com/show_bug.cgi?id=849788
bugzilla.redhat.com/show_bug.cgi?id=849790
bugzilla.redhat.com/show_bug.cgi?id=851355
bugzilla.redhat.com/show_bug.cgi?id=856299
bugzilla.redhat.com/show_bug.cgi?id=860011
bugzilla.redhat.com/show_bug.cgi?id=861838
bugzilla.redhat.com/show_bug.cgi?id=866677
bugzilla.redhat.com/show_bug.cgi?id=868403
bugzilla.redhat.com/show_bug.cgi?id=868881
bugzilla.redhat.com/show_bug.cgi?id=870058
bugzilla.redhat.com/show_bug.cgi?id=871774
bugzilla.redhat.com/show_bug.cgi?id=876193
bugzilla.redhat.com/show_bug.cgi?id=876664
bugzilla.redhat.com/show_bug.cgi?id=877081
bugzilla.redhat.com/show_bug.cgi?id=877553
bugzilla.redhat.com/show_bug.cgi?id=882243
bugzilla.redhat.com/show_bug.cgi?id=884036
bugzilla.redhat.com/show_bug.cgi?id=888392
bugzilla.redhat.com/show_bug.cgi?id=893980
bugzilla.redhat.com/show_bug.cgi?id=895535
issues.apache.org/jira/browse/QPID-4631
rhn.redhat.com/errata/RHSA-2013-0561.html