By using an overly long search string it is possible to
cause a denial of service attack against a remote server. In addition, by sending a user
name of 896 bytes (user name + EIP pointer) a buffer overrun will occur, thereby allowing
an intruder to run code on the remote system.
The author is aware of the problem but has not released a correct version. WebBBS Home Page