yeh, dude MSN666 has no backdoors , but gobble confused, he even wrote *alert mail , he seems to be very nervous against MSN666 actually , it has some bugs , coz of it is the proof of concept code for "Sensitive IM Security" i don't think ppls use this as a Server like apache or mysql. hehe -- Seunghyun Seo , Inha university Group of Research for Unix Security [e-mail] seo@igrus.inha.ac.kr, seo@underground.or.kr ----- Original Message ----- > > I don't beleive that MSN666 has a backdoor. Is the function pattern2 safe > in it's use of sscanf? What if msg = "XXXXXXXXXXXXXXXXXAAAABBBB" is longer > than 16 bytes on line 254? > > sscanf ( msg, "%s", &opmsg ) > > Any help is appreciated. > > Keith Rogers > SecurityFocus > www.securityfocus.com > >
