The remote host is missing an update to sendfile announced via advisory DSA 052-1.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20052-1

Daniel Kobras has discovered and fixed a problem in sendfiled which caused the daemon not to drop privileges as expected when sendnig notification mails. Exploiting this a local user can easily make it execute arbitrary code under root privileges. We recommend that you upgrade your sendfile packages immediately.