Summary
The remote host is missing an update to tomcat5
announced via advisory DSA 1453-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201453-1
Insight
Several remote vulnerabilities have been discovered in the Tomcat servlet and JSP engine. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2007-3382
It was discovered that single quotes (') in cookies were treated as a delimiter, which could lead to an information leak.
CVE-2007-3385
It was discovered that the character sequence \" in cookies was handled incorrectly, which could lead to an information leak.
CVE-2007-5461
It was discovered that the WebDAV servlet is vulnerable to absolute path traversal.
For the stable distribution (etch), these problems have been fixed in version 5.0.30-12etch1.
The old stable distribution (sarge) doesn't contain tomcat5.
The unstable distribution (sid) no longer contains tomcat5.
We recommend that you upgrade your tomcat5 packages.
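The check this advisory implies is a Debian version comparison: a tomcat5 package is affected if its installed version sorts below 5.0.30-12etch1 under dpkg's ordering rules (epoch, then upstream version, then Debian revision, with digit runs compared numerically and "~" sorting before anything else). The following Python is an added example, not part of DSA 1453-1 or of the scanner plugin; the dpkg-query output it parses is constructed sample data, and the list of binary package names built from the tomcat5 source package is an assumption, since the advisory names only the source package.

```python
# Offline version check for DSA 1453-1 (added example, not scanner or Debian code).
# Implements dpkg's version ordering so that "is the fix installed?" is answered
# the same way "dpkg --compare-versions" would answer it.

FIXED_VERSION = "5.0.30-12etch1"  # fixed version for etch, from the advisory

# Assumption: binary packages built from the tomcat5 source package.
TOMCAT5_BINARIES = ("tomcat5", "tomcat5-admin", "tomcat5-webapps", "libtomcat5-java")


def _order(c):
    """dpkg character weight for non-digit runs: '~' < end-of-string < letters < other."""
    if c.isdigit():
        return 0          # digits are compared numerically, never through this path
    if c.isalpha():
        return ord(c)
    if c == "~":
        return -1         # tilde sorts before everything, even the end of the string
    if c:
        return ord(c) + 256
    return 0              # end of string


def _char(s, i):
    return s[i] if i < len(s) else ""


def _verrevcmp(a, b):
    """Compare one version component (upstream or revision) the way dpkg does."""
    i = j = 0
    while i < len(a) or j < len(b):
        # Non-digit run: compare character by character using dpkg's weights.
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            oa, ob = _order(_char(a, i)), _order(_char(b, j))
            if oa != ob:
                return -1 if oa < ob else 1
            i += 1
            j += 1
        # Digit run: compare numerically (leading zeros are insignificant).
        na = nb = ""
        while i < len(a) and a[i].isdigit():
            na += a[i]
            i += 1
        while j < len(b) and b[j].isdigit():
            nb += b[j]
            j += 1
        ia, ib = int(na) if na else 0, int(nb) if nb else 0
        if ia != ib:
            return -1 if ia < ib else 1
    return 0


def _split(version):
    """Split [epoch:]upstream[-revision] into its three parts."""
    epoch = 0
    if ":" in version:
        e, version = version.split(":", 1)
        epoch = int(e)
    if "-" in version:
        upstream, revision = version.rsplit("-", 1)
    else:
        upstream, revision = version, ""
    return epoch, upstream, revision


def compare_versions(a, b):
    """Return -1, 0 or 1, matching dpkg --compare-versions lt / eq / gt."""
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    r = _verrevcmp(ua, ub)
    if r:
        return r
    return _verrevcmp(ra, rb)


def is_vulnerable(installed_version, fixed_version=FIXED_VERSION):
    """True when the installed version is strictly older than the fixed one."""
    return compare_versions(installed_version, fixed_version) < 0


def find_outdated(dpkg_query_output, fixed_version=FIXED_VERSION):
    """Parse "dpkg-query -W -f='${Package} ${Version}\\n'" output; return (pkg, version) pairs still affected."""
    outdated = []
    for line in dpkg_query_output.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue
        pkg, ver = parts
        if pkg in TOMCAT5_BINARIES and is_vulnerable(ver, fixed_version):
            outdated.append((pkg, ver))
    return outdated


# Constructed sample output of dpkg-query on an etch host with a partial upgrade.
SAMPLE_DPKG_QUERY = """\
libtomcat5-java 5.0.30-12
tomcat5 5.0.30-12
tomcat5-admin 5.0.30-12etch1
tomcat5-webapps 5.0.30-12
"""

if __name__ == "__main__":
    for pkg, ver in find_outdated(SAMPLE_DPKG_QUERY):
        print(f"{pkg} {ver} is older than {FIXED_VERSION}: apply DSA 1453-1")
```

On a real etch host the input would come from `dpkg-query -W -f='${Package} ${Version}\n'`. The tilde handling matters for this kind of check: a backport such as 5.0.30-12~etch1 sorts below 5.0.30-12etch1 and is correctly reported as still affected, whereas a naive string comparison would get that case wrong.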
Severity
Classification
CVE: CVE-2007-3382, CVE-2007-3385, CVE-2007-5461
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N