Buffer overflow on oversized username, unauthorized access if username is empty.
vulners.com/securityvulns/securityvulns:doc:4534