A local overflow exists in FreeBSD. Its ppp fails to validate input for the HOME environment variable, resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code to gain root privileges resulting in a loss of integrity.
Upgrade to version FreeBSD 2.2-current dated 12/16/96 or later, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround: remove ppp setuid privileges.
#chmod ug-s /usr/bin/ppp
Lastly, FreeBSD has released a patch.