Casinos Not On Gamstop Non Gamstop Casinos Casinos Not On Gamstop Online Casinos UK Non Gamstop Casino
1st Jan 1996 [SBWID-224]
COMMAND
	    mount_union / mount_msdos (vfsload)
SYSTEMS AFFECTED
	    FreeBSD 2.0, 2.0.5, 2.1, 2.1-stable, and 2.2-current
PROBLEM
	    A bug was  found in the  vfsload(3) library call  that affects all
	    versions of  FreeBSD from  2.0 through  2.2-CURRENT that  caused a
	    system  vulnerability.   This  problem  is  present  in all source
	    code  and  binary  distributions  of  FreeBSD version 2.x released
	    before 1996-05-18.
	    The  FreeBSD  project  is  aware   of  active  exploits  of   this
	    vulnerability.
	    All FreeBSD users  are encouraged to  use the workaround  provided
	    until they  can update  their operating  system to  a version with
	    this vulnerability fixed.
	    The  mount_union  and  mount_msdos  programs invoke another system
	    utility in an insecure fashion while setuid root.
	    The  problem  could  allow   local  users  to  gain   unauthorized
	    permissions.
	    This vulnerability  can only  be exploited  by users  with a valid
	    account on the local system.
SOLUTION
	    Update operating system sources and binaries to FreeBSD 2.1-stable
	    or FreeBSD  2.2-current as  distributed later  than 1996-05-18  or
	    if  you  are  currently  running  2.1  or later, you may apply the
	    solution patches available  at the URL  listed at the  top of this
	    message.
	    The OS updates  fix the actual  problem in the  vfsload(3) library
	    routine.   Once  the  vfsload()  library  routine  is  fixed,  the
	    workaround listed below  is not necessary  to solve this  problem.
	    However,  an  additional  stability  problem  has  come  to  light
	    (ref.  FreeBSD   SA-96:10)  so   the  FreeBSD   project   suggests
	    using both the setuid workaround and the solution for best results.
	    This vulnerability can quickly  and easily be limited  by removing
	    the setuid  permission bit  from the  mount_union and  mount_msdos
	    program.  This  workaround will work  for all versions  of FreeBSD
	    affected by this problem.
	    As root, execute the command:
	
	        % chmod u-s /sbin/mount_union /sbin/mount_msdos
	
	    then verify  that the  setuid permissions  of the  files have been
	    removed.   The  permissions  array  should  read  "-r-xr-xr-x"  as
	    shown here:
	
	   % ls -l /sbin/mount_union /sbin/mount_msdos
	     -r-xr-xr-x  1 root  bin  151552 Apr 26 04:41 /sbin/mount_msdos
	     -r-xr-xr-x  1 root  bin   53248 Apr 26 04:40 /sbin/mount_union
Internet highlights

Casino Not On Gamstop