Changes in the KDC network code in the krb5-1.9 release introduced a bug that allows a null pointer dereference, which would cause the KDC to crash. Any request packet that is sufficiently malformed that the KDC would not generate a response packet can trigger this bug.
This flaw will be addressed as part of MITKRB5-SA-2011-002. It does not affect any version of Kerberos prior to 1.9.
This issue is now public:
This issue did not affect the versions of krb5 as shipped with Red Hat Enterprise Linux 3, 4, 5 or 6.
Created krb5 tracking bugs for this issue
Affects: fedora-rawhide [bug 676126]