krb5 is vulnerable to denial of service (DoS). The vulnerability is a NULL pointer dereference in the way the MIT Kerberos KDC processed principal names that were not null-terminated when the KDC was configured to use an LDAP back end. A remote attacker could use this flaw to crash the KDC via a specially crafted request.
lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html
secunia.com/advisories/43260
secunia.com/advisories/43273
secunia.com/advisories/43275
secunia.com/advisories/46397
securityreason.com/securityalert/8073
web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-002.txt
www.mandriva.com/security/advisories?name=MDVSA-2011:024
www.mandriva.com/security/advisories?name=MDVSA-2011:025
www.redhat.com/support/errata/RHSA-2011-0199.html
www.redhat.com/support/errata/RHSA-2011-0200.html
www.securityfocus.com/archive/1/516299/100/0/threaded
www.securityfocus.com/archive/1/520102/100/0/threaded
www.securityfocus.com/bid/46271
www.securitytracker.com/id?1025037
www.vmware.com/security/advisories/VMSA-2011-0012.html
www.vupen.com/english/advisories/2011/0330
www.vupen.com/english/advisories/2011/0333
www.vupen.com/english/advisories/2011/0347
www.vupen.com/english/advisories/2011/0464
access.redhat.com/errata/RHSA-2011:0199
access.redhat.com/security/updates/classification/#important
exchange.xforce.ibmcloud.com/vulnerabilities/65323