The remote host is missing an update to rssh announced via advisory DSA 1109-1. Russ Allbery discovered that rssh, a restricted shell, performs insufficient checking of incoming commands, which might lead to a bypass of access restrictions.

For the stable distribution (sarge) this problem has been fixed in version 2.2.3-1.sarge.2. For the unstable distribution (sid) this problem has been fixed in version 2.3.0-1.1. We recommend that you upgrade your rssh package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201109-1