A denial of service vulnerability was found in the Shibboleth Service Provider. When processing certain malformed SAML message generated by an authenticated attacker, the daemon could crash.