
Thomas Kittel

#37106 of 53,638
7.5 total CVSS
Vulnerabilities · 1
PT-2017-14780
7.5
2017-12-06
Heimdal · Heimdal · CVE-2017-17439
**Name of the Vulnerable Software and Affected Versions**

Heimdal versions prior to 7.5

**Description**

The issue allows remote unauthenticated attackers to crash the KDC by sending a crafted UDP packet with empty data fields for `client name` or `realm`. This leads to a segmentation fault due to the parser unconditionally dereferencing NULL pointers. The problem is related to the `_kdc_as_rep` function in `kdc/kerberos5.c` and the `der_length_visible_string` function in `lib/asn1/der_length.c`.

**Recommendations**

For Heimdal versions prior to 7.5, update to version 7.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the KDC to minimize the risk of exploitation.