OVAL

SUSE-SA:2009:019 -- SUSE krb5 remote code execution

ID: oval:org.secpod.oval:def:400089
Date: (C)2012-01-31   (M)2024-02-15
Class: PATCH
Family: unix




The Kerberos implementation from MIT is vulnerable to four different security issues that range from a remote crash to possible, but very unlikely, remote code execution.

- CVE-2009-0844: The SPNEGO GSS-API implementation can read beyond the end of a buffer, which leads to a crash.
- CVE-2009-0845: A NULL pointer dereference in the SPNEGO code can lead to a crash, which affects programs using the GSS-API.
- CVE-2009-0846: The ASN.1 decoder can free an uninitialized NULL pointer, which leads to a crash and can possibly lead to remote code execution. This bug can be exploited before any authentication has happened.
- CVE-2009-0847: The ASN.1 decoder incorrectly validates a length parameter, which leads to malloc errors and possibly to a crash.

Platform:
openSUSE 10.3
openSUSE 11.1
openSUSE 11.0
Product:
krb5
Reference:
SUSE-SA:2009:019
CVE-2009-0844
CVE-2009-0845
CVE-2009-0846
CVE-2009-0847
CPE    3
cpe:/o:opensuse:opensuse:11.1
cpe:/o:opensuse:opensuse:11.0
cpe:/o:opensuse:opensuse:10.3

© SecPod Technologies