:: Deepquest ::

Mac OS X IPSec implementation can lead a remote user to send packets that bypass the IPSec access controls. Apple reported that Mac OS X does not properly handle certain incoming security policies that match by port. Some incoming traffic that is not explicitly allowed by the IPSec security policies may be accepted by the target system.

Some incoming traffic that is not explicitly allowed by the IPSec security policies may be accepted by the target system.
check system update to patch your system.

more from [url=http://docs.info.apple.com/article.html?artnum=61798]applekb[/url]