The remote host is missing an update to cacti announced via advisory DSA 1418-1.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201418-1

It was discovered that Cacti, a tool to monitor systems and networks, performs insufficient input sanitising, which allows SQL injection. For the oldstable distribution (sarge) this problem has been fixed in version 0.8.6c-7sarge5. For the stable distribution (etch) this problem has been fixed in version 0.8.6i-3.2. For the unstable distribution (sid) this problem has been fixed in version 0.8.7a-1. We recommend that you upgrade your cacti package.