Specially crafted AES and RC4 packets could allow unauthenticated remote attackers to trigger an integer underflow that leads to heap memory corruption CVE-2009-4212. Remote attackers could potentially exploit that to execute arbitrary code. openSUSE 11.2 is also affected by the following problem: Specially crafted ticket requests could crash the kerberos server CVE-2009-3295.