A local overflow exists in dc20ctrl, a FreeBSD port. The program fails to validate input, resulting in a buffer overflow. With a specially crafted request, an attacker can obtain the privileges of setgid dialer, resulting in a loss of integrity.
Upgrade to dc20ctrl version 0.4_1 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workarounds: (1) upgrade your entire ports collection and rebuild the dc20ctrl port, (2) deinstall the old package and install a new package dated after the correction date, (3) download a new port skeleton and rebuild the port, and (4) use the portcheckout utility to automate the aforementioned option (3).