The remote host is missing an update to xfree86-1 announced via advisory DSA 030-1.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20030-1

Chris Evans, Joseph S. Myers, Michal Zalewski, Alan Cox, and others have noted a number of problems in several components of the X Window System sample implementation (from which XFree86 is derived). While there are no known reports of real-world malicious exploits of any of these problems, it is nevertheless suggested that you upgrade your XFree86 packages immediately. The scope of this advisory is XFree86 3.3.6 only, since that is the version released with Debian GNU/Linux 2.2 ('potato') Debian packages of XFree86 4.0 and later have not been released as part of a Debian distribution. Several people are responsible for authoring the fixes to these problems, including Aaron Campbell, Paulo Cesar Pereira de Andrade, Keith Packard, David Dawes, Matthieu Herrb, Trevor Johnson, Colin Phipps, and Branden Robinson. For a more detailed description of the problems addressed, please visit the referenced security advisory. These problems have been fixed in version 3.3.6-11potato32 and we recommand that you upgrade your X packages immediately.