Debian Security Advisory 1247-1 - An off-by-one error leading to a heap-based buffer overflow has been identified in libapache-mod-auth-kerb, an Apache module for Kerberos authentication. The error could allow an attacker to trigger an application crash or potentially execute arbitrary code by sending a specially crafted kerberos message.
c9a1f482592964f332005424fd001256d3c72cb2e867cc031624774cfbbc1bdc
Mandriva Linux Security Advisory MDKSA-2006-218-1 - An off-by-one error in the der_get_oid function in mod_auth_kerb 5.0 allows remote attackers to cause a denial of service (crash) via a crafted Kerberos message that triggers a heap-based buffer overflow in the component array.
0c1995f891f62c93e82e5908e9f4bed81d74128b3655271258f0fd6d3aae1a46