The remote host is missing an update to openssl096 announced via advisory DSA 1174-1. Daniel Bleichenbacher discovered a flaw in OpenSSL cryptographic package that could allow an attacker to generate a forged signature that OpenSSL will accept as valid.

For the stable distribution (sarge) this problem has been fixed in version 0.9.6m-1sarge2 This package exists only for compatibility with older software, and is not present in the unstable or testing branches of Debian. We recommend that you upgrade your openssl packages. Note that services https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201174-1