MIT krb5 Security Advisory 2009-004 – Integer underflow bugs in the AES and RC4 decryption operations of the crypto library of the MIT Kerberos software can cause crashes, heap corruption, or, under extraordinarily unlikely conditions, arbitrary code execution. Only releases krb5-1.3 and later are vulnerable, as earlier releases did not contain the functionality implemented by the vulnerable code.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/85064/MITKRB5-SA-2009-004.txt
Source: https://packetstormsecurity.com/files/85064/MIT-krb5-Security-Advisory-2009-004.html