Kadu 0.4.2 and 0.5.0pre allows remote attackers to cause a denial of service (crash or generated traffic) via a malformed message, possibly with incomplete information.