This bug opens the hole for a potential remote buffer overflow exploit. It looks like it could be exploited regardless of whether or not you are using nsperm. If the connection headers contain a "Authorization" header, thn ParseAuth routine is run, opening up your server to a remote buffer overflow.
Anybody running version 3.3 or less should consider upgrading because of the security risk.
