Nope , is easy to do a DoS on this app , I debugged it and when u enter a very long USER and then u click to the log window of the app it'll crash... the problem is that is not a sprintf or smth like that... is smth like MultiByteToWideChar API or whatever.. I think hard to execute arbitrary code , but so easy to make an DoS exploit ;)

[ reply ]