A format string vulnerability exists in vpnd. By running the vpnd command with maliciously crafted arguments, a local user can trigger the vulnerability which may lead to arbitrary code execution with system privileges. This file exploits this vulnerability on Mac OS X.
cac8004c33b7c7a74786245dbc74af8080d860279ab8e8548030b1f6120d6571