FreeBSD Security Advisory (FreeBSD-SA-06:11.ipsec.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:11.ipsec.asc

IPsec is a set of protocols, including ESP (Encapsulating Security Payload) and AH (Authentication Header), that provide security services for IP datagrams. ESP protects IP payloads from wire-tapping by encrypting them using secret key cryptography algorithms. AH guarantees the integrity of IP packets and protects them from intermediate alteration or impersonation by attaching a cryptographic checksum computed using one-way hash functions. IPsec provides an anti-replay service which when enabled prevents an attacker from successfully executing a replay attack. This is done through the verification of sequence numbers. A programming error in the fast_ipsec(4) implementation results in the sequence number associated with a Security Association not being updated, allowing packets to unconditionally pass sequence number verification checks.

Upgrade your system to the appropriate stable release or security branch dated after the correction date https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-06:11.ipsec.asc