[2009-04-09 03:12] BrianC <cavenah1%yahoo.com@localhost> > >$ gdb > >(gdb) core-file firefox-bin.core > >Core was generated by `firefox-bin'. > >Program terminated with signal 11, Segmentation fault. > >#0 0xbb0d523f in ?? () > > This smells like a security issue. Stating the obvious here, but it > looks like it could be exploited if an attacker is able to point the IP > onto an executable heap where shellcode would reside. Exploit > developers have been using javascript to deploy malicious > payloads on to the heap for this purpose for quite some time. I can't comment on this, sorry. I'm no security guy. > Is > there a way to get a backtrace with symbols to see what was > happening at the time of the segfault? A `bt' in gdb shows not more than the quoted output from above. This seems to be what you'd call: without symbols. I guess the situation is reproducable by everyone if few file descriptors are available. However, if you still want the data I can generate it ... if you tell me how. meillo P.S. Is it common to reply with private mail on this list? (I received three private replies.) Shouldn't all general discussion be on list?
Attachment:
signature.asc
Description: Digital signature