The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause a denial of service (memory corruption).
[
{
"product": "MPD: FreeBSD PPP daemon",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 5.9"
}
]
}
]