Cisco Security Advisory – Cisco IOS devices that are configured for Internet Key Exchange (IKE) protocol and certificate based authentication are vulnerable to a resource exhaustion attack. Successful exploitation of this vulnerability may result in the allocation of all available Phase 1 security associations (SA) and prevent the establishment of new IPsec sessions.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/81600/cisco-sa-20090923-ipsec.txt
Source: https://packetstormsecurity.com/files/81600/Cisco-Security-Advisory-20090923-ipsec.html