FreeBSD contains a flaw that may allow a malicious user to bypass the NAT gateway. The issue arises because code was added to permit certain types of data through the NAT gateway. As a result, all traffic may be allowed to pass through despite the "deny_incoming" directive, resulting in a loss of integrity.
Upgrade the FreeBSD system to 4.1.1-STABLE or 3.5.1-STABLE dated after the respective correction dates, as this has been reported to fix the vulnerability. It is also possible to mitigate the flaw with the following workaround: use a true packet filter such as ipfw(8) or ipf(8) on the PPP gateway to deny incoming traffic according to the desired security policy.
Also, FreeBSD has released a patch.
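The packet-filter workaround could look like the following ipfw(8) rule set. This is an added example, not part of the original advisory or of any FreeBSD-supplied script. It assumes the PPP link is tun0, that the policy is "outbound connections only", and that DNS replies arrive from UDP port 53; the function name and rule numbers are illustrative.

```shell
#!/bin/sh
# Added example: stateless ipfw(8) rules that enforce "no unsolicited
# inbound traffic" on the PPP interface in the kernel, instead of relying
# on the "deny_incoming" directive of the NAT code.
# Assumptions (not from the advisory): interface tun0, DNS on UDP/53,
# rule numbers chosen freely.

# Print the rule set for external interface $1, one ipfw command per line.
ppp_gateway_rules() {
    ext_if="$1"
    cat <<EOF
add 100 allow ip from any to any via lo0
add 200 allow tcp from any to any in recv ${ext_if} established
add 300 allow udp from any 53 to any in recv ${ext_if}
add 400 allow icmp from any to any in recv ${ext_if} icmptypes 0,3,11
add 500 deny ip from any to any in recv ${ext_if}
add 65000 allow ip from any to any
EOF
}
# Rule 200: only TCP segments of already established connections (ACK or
#           RST set) are accepted, so inbound connection attempts fall
#           through to rule 500.
# Rule 300: stateless match on the source port only; tighten it to the
#           addresses of the resolvers actually in use.
# Rule 400: echo reply, destination unreachable, time exceeded.
# Rule 500: everything else arriving on the PPP link is dropped.
# Rule 65000: internal and outbound traffic is left to local policy.

# Load the rules only when invoked as: <script> apply [interface]
if [ "${1:-}" = "apply" ]; then
    ppp_gateway_rules "${2:-tun0}" | while read -r rule; do
        # $rule is left unquoted on purpose so it splits into ipfw arguments
        /sbin/ipfw -q $rule
    done
fi
```

Run without arguments, the script loads nothing; printing the output of ppp_gateway_rules first allows the rules to be reviewed before they are applied.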