This vulnerability was ranked 10.0 (for Windows) in CPUoct2009 and related to improper AUTH_SESSKEY parameter length validation.
(Executable + source code)
→ [list of blog posts] Please drop me email about bug(s) and/or suggestion(s): my emails.