Home
Get FSP - File Service Protocol Suite at SourceForge.net. Fast, secure and Free Open Source software downloads

Main
FSP Servers
FSP Software
FSP Downloads

FSP project
Testers needed
FSP Team
Open tasks
Bazaar

Mailing lists
Bug Tracker

FSP Documents
Purpose
History
Articles
Today
Future
INFO
FAQ Old | New
FSP Protocol
Quotes

FSP suite
Browse
Copyright
Changelog
Todo
Bazaar
Freshmeat page
Ohloh page

Java library
Browse
API
READ.ME
Changelog
Freshmeat page
Ohloh page

FSP proxy
Browse
READ.ME
Changelog
Freshmeat page

PyFSP
Browse

C library
Browse
README
NEWS
Changes
TODO
Freshmeat page
Ohloh page

Misc
Wizards vs CSH

FSP entry in
GNU dir
Wikipedia

Stats
CNW

My projects
FSP Client
Download Machine
Smart Cache
SC Loader
FSP Suite
Other programs

[CNW:Counter]

SECURITY INFO

Finally, after months after security bug in fspd was found and fixed, the bug info (and working exploit) was released into public. Here you can find some details.

fspd: Remotely exploitable buffer overflow and directory traversal bugs

Read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1022, http://www.debian.org/security/2004/dsa-416, http://xforce.iss.net/xforce/xfdb/14155, http://xforce.iss.net/xforce/xfdb/14154, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0011.

This security problem was fixed in FSP 2.8.1 Beta6 (2-Jun-2003). Information in linked reports, that you must have beta18 for fixing this problem, is wrong. For some unknown reasons both parties refused to correct this.

Versions 2.8.1 Beta11-Beta13, have another minor security problem that CC_STAT can stat any file outside fsp directory root. You must have modified fstatcmd and client library if you want to exploit this bug; this do not works with stock distro.

FSPLIB Buffer overflow

Buffer overflow in fsplib was found by David Binderman. Fixed in version 0.8. CVE-2006-7221

FSPLIB didnt checked strings returned by server enough. Server sending non \0 terminated strings (violation of FSP protocol) could cause client to segfault and possibly executing of injected code. Fixed in version 0.9. See also Secunia.com advisory