MIT krb5 Security Advisory 2009-003 – A null pointer dereference can occur in an error condition in the KDC cross-realm referral processing code in MIT krb5-1.7. This can cause the KDC to crash. This is an implementation vulnerability in MIT krb5, and is not a vulnerability in the Kerberos protocol.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/84439/MITKRB5-SA-2009-003.txt
Source: https://packetstormsecurity.com/files/84439/MIT-krb5-Security-Advisory-2009-003.html