web security question.

[Paul Rubin]

pxlpluker <pxlpluker at cfl.rr.com> writes:
> I have a friend that was using formmail.pl until last weekend when it
> was hacked by spammers with a buffer overflow attack on one of the
> form fields.

What makes you think it was a buffer overflow bug?  formmail.pl is
notorious for having security bugs, but none have been buffer
overflows as far as I know.  Are you sure it wasn't some other kind of bug?