If you want or need an official answer, please contact Apple directly.
There are no references to that CVE published at the Apple web site (other than this one), nor do I see any OS X references within the CVE itself.
If you're patched to current, then there are no announced patches available for your software.
If security and stability is a concern, then OS X 10.6.8 is rather old and generally no longer receiving patches and updates, so an OS X upgrade for your particular Mac systems may be appropriate.
I don't know if this has been patched in the most current OS X software, and don't have a 10.8 system handy to check.
As for the error, vulnerability scanners are renowned for false positives and for spurious diagnostics; some knowledge of the issue that's being detected is generally required, and a decision whether that's relevant to your environment often follows.
According to the CVE database, this is remote-accessible bug that can cause the Kerberos daemon to crash, but you need to authenticate to trigger it. It doesn't provide further access; it's a DoS. (Given there are other ways to trigger network-nased DoSs in most any configuration I'm dealing with, this CVE would seem to rank as yet another annoyance in the pantheon of network annoyances, but not AFAICT as a crisis.)
I'd be tempted to drop a Proper Use of Resources notice on somebody that tried that on one of the servers I administer, but that's fodder for another discussion.