| View previous topic :: View next topic |
| Author |
Message |
sammy2ooo
Apprentice
Joined: 26 May 2004
Posts: 225
|
 Posted: Tue Dec 04, 2007 11:54 am Post subject: pax kills firefox 2.0.0.10 |
 |
|
Hi
I am running firefox 2.0.0.10 and a 2.6.22-hardened-r8 kernel. Pax always kills my browser while browsing one bulletinboard.
Is there someone triggering a bufferoverflow or is at least trying to???
| Quote: |
Dec 4 12:46:32 host PAX: execution attempt in: <anonymous mapping>, 45dc1000-45dc2000 45dc1000
Dec 4 12:46:32 host PAX: terminating task: /usr/lib/mozilla-firefox/firefox-bin(firefox-bin):6245, uid/euid: 1000/1000, PC: 45dc1000, SP: 5eccd06c
Dec 4 12:46:32 host PAX: bytes at PC: 81 fc 48 c3 c6 5e 0f 82 85 00 00 00 55 8b ec 81 ec 10 00 00
Dec 4 12:46:32 host PAX: bytes at SP-4: 5eccd088 4992552d 484df290 00000000 5eccd0b0 49a6612c 00000000 5eccd0b0 5eccd108 49921137 484df290 00000000 5eccd0b0 5eccd0b0 485630d0 00000000 5eccd108 4992108d 485118d0 485630d0 485132ba
|
| Quote: |
user@host ~ $ firefox
No running windows found
---> then the crash occurs...
/usr/libexec/mozilla-launcher: line 119: 6245 Killed $(type -P aoss) "$mozbin" "$@"
firefox-bin exited with non-zero status (137)
|
| Quote: |
user@host ~ $ paxctl -v /usr/lib/mozilla-firefox/firefox-bin
PaX control v0.5
Copyright 2004,2005,2006,2007 PaX Team <pageexec@freemail.hu>
- PaX flags: -------x-e-- [/usr/lib/mozilla-firefox/firefox-bin]
RANDEXEC is disabled
EMUTRAMP is disabled
|
_________________
- Linux is sexy -
guru@linux:~> who | egrep -i 'blonde|black|brown' | talk && cd ~; wine; talk; touch; unzip; touch; strip; gasp; finger; mount; fsck; more; yes; gasp; umount; make clean; sleep;
Last edited by sammy2ooo on Tue Dec 04, 2007 1:20 pm; edited 1 time in total |
|
| Back to top |
|
 |
d2_racing
Bodhisattva
Joined: 25 Apr 2005
Posts: 13047
Location: Ste-Foy,Canada
|
| Posted: Tue Dec 04, 2007 12:43 pm Post subject: |
|
|
emerge --info ?
That's pretty weird in fact. |
|
| Back to top |
|
|
sammy2ooo
Apprentice
Joined: 26 May 2004
Posts: 225
|
| Posted: Tue Dec 04, 2007 1:19 pm Post subject: |
|
|
Here you go:
| Quote: |
Portage 2.1.3.19 (default-linux/x86/2007.0, gcc-4.1.2, glibc-2.6.1-r0, 2.6.22-hardened-r8-uranos i686)
=================================================================
System uname: 2.6.22-hardened-r8-uranos i686 AMD Athlon(tm) XP 2400+
Timestamp of tree: Tue, 04 Dec 2007 11:16:01 +0000
ccache version 2.4 [enabled]
app-shells/bash: 3.2_p17
dev-java/java-config: 1.3.7, 2.0.33-r1
dev-lang/python: 2.4.4-r6
dev-python/pycrypto: 2.0.1-r6
dev-util/ccache: 2.4-r7
sys-apps/baselayout: 1.12.9-r2
sys-apps/sandbox: 1.2.18.1-r2
sys-devel/autoconf: 2.13, 2.61-r1
sys-devel/automake: 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10
sys-devel/binutils: 2.18-r1
sys-devel/gcc-config: 1.3.16
sys-devel/libtool: 1.5.24
virtual/os-headers: 2.6.22-r2
ACCEPT_KEYWORDS="x86"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O3 -march=athlon-xp -fomit-frame-pointer -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config"
CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5 /ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-O3 -march=athlon-xp -fomit-frame-pointer -pipe"
DISTDIR="/usr/src/distfiles"
FEATURES="ccache distlocks metadata-transfer parallel-fetch sandbox sfperms strict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://pandemonium.tiscali.de/pub/gentoo/ http://distfiles.gentoo.org"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.de.gentoo.org/gentoo-portage"
USE="3dnow 3dnowext X a52 aac aalib accessibility acl alsa apache2 authdaemond bash-completion berkdb bitmap-fonts cdparanoia cli cpu detection cracklib crypt cups dbus dga divx dri dvb dvd dvdread encode fam ffmpeg flac fortran gdbm glitz gnutls gpgme gpm iconv imap java jpeg mad madwifi midi mmx mmxext mozilla mp2 mp3 mp4 mpd mpeg mpeg2 mplayer mudflap musepack mysql ncurses nls nptl nptlonly ns plugin ogg openmp pam pcre pdf perl png pop python quicktime readline real realmedia reflection sasl session smime sndfile socks5 spl sse sse2 ssl svga tcpd truetype truetype-fonts type1 type1-fonts unicode vorbis wavpack win32codecs wma wmf wmp x264 x86 xml xorg xv xvid zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dsh are dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APAC HE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfi le authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache fil ter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir use rtrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb21 6 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="vesa fbdev nv nvidia"
Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAG S, PORTAGE_RSYNC_EXTRA_OPTS
|
The same happend on firefox version 2.0.0.9...
_________________
- Linux is sexy -
guru@linux:~> who | egrep -i 'blonde|black|brown' | talk && cd ~; wine; talk; touch; unzip; touch; strip; gasp; finger; mount; fsck; more; yes; gasp; umount; make clean; sleep; |
|
| Back to top |
|
|
sammy2ooo
Apprentice
Joined: 26 May 2004
Posts: 225
|
|
| Back to top |
|
|
sammy2ooo
Apprentice
Joined: 26 May 2004
Posts: 225
|
| Posted: Tue Dec 04, 2007 6:15 pm Post subject: |
|
|
Moving to the latest available version 2.0.0.11 didnt solve the problem. Even (re) moving the profile directory (.mozilla) didnt change anything.
This happens while trying to visit the bulletingboard on www.supermoto1.de. Maybee someone can confirm this? I am out of ideas...
_________________
- Linux is sexy -
guru@linux:~> who | egrep -i 'blonde|black|brown' | talk && cd ~; wine; talk; touch; unzip; touch; strip; gasp; finger; mount; fsck; more; yes; gasp; umount; make clean; sleep; |
|
| Back to top |
|
|
sammy2ooo
Apprentice
Joined: 26 May 2004
Posts: 225
|
| Posted: Tue Dec 04, 2007 8:07 pm Post subject: |
|
|
http://bcheck.scanit.be/bcheck/showresults.php claims that everything is fine with my browser, however it turned out the crashes are caused by my flashplayer plugin...
I am using the latest flashplayer net-www/netscape-flash version 9.0.48.0-r1
The element http://www.supermoto1.de/images/banners/huberverlag.swf is triggering the crash
Can anyone confirm this by visiting www.supermoto1.de ?
_________________
- Linux is sexy -
guru@linux:~> who | egrep -i 'blonde|black|brown' | talk && cd ~; wine; talk; touch; unzip; touch; strip; gasp; finger; mount; fsck; more; yes; gasp; umount; make clean; sleep; |
|
| Back to top |
|
|
sammy2ooo
Apprentice
Joined: 26 May 2004
Posts: 225
|
| Posted: Wed Dec 05, 2007 9:52 am Post subject: |
|
|
Comeon people...anyone???
_________________
- Linux is sexy -
guru@linux:~> who | egrep -i 'blonde|black|brown' | talk && cd ~; wine; talk; touch; unzip; touch; strip; gasp; finger; mount; fsck; more; yes; gasp; umount; make clean; sleep; |
|
| Back to top |
|
|
|
Networking & Security
