The remote host is missing an update to the system as announced in the referenced advisory.

Update your system with the appropriate patches or software upgrades. http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2011-004.txt http://www.vuxml.org/freebsd/6a3c3e5c-66cb-11e0-a116-c535f3aa24f0.html

The following package is affected: krb5 CVE-2011-0285 The process_chpw_request function in schpw.c in the password-changing functionality in kadmind in MIT Kerberos 5 (aka krb5) 1.7 through 1.9 frees an invalid pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted request that triggers an error condition.