The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973.
http://tools.cisco.com/security/center/viewAlert.x?alertId=33971
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2183