Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges.
https://exchange.xforce.ibmcloud.com/vulnerabilities/15297
http://www.securityfocus.com/bid/9730
http://www.kb.cert.org/vuls/id/841742
http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html