The remote host is missing an update to dbus announced via advisory DSA 1658-1.
Colin Walters discovered that the dbus_signature_validate function in dbus, a simple interprocess messaging system, is prone to a denial of service attack. For the stable distribution (etch), this problem has been fixed in version 1.0.2-1+etch2. For the testing distribution (lenny) and unstable distribution (sid) this problem will be fixed soon. We recommend that you upgrade your dbus package.
- Debian Security Advisory DSA 2831-1 (puppet - insecure temporary files)
- Debian Security Advisory DSA 2650-2 (libvirt - files and device nodes ownership change to kvm group)
- Debian Security Advisory DSA 2879-1 (libssh - security update)
- Debian Security Advisory DSA 286-1 (gs-common)
- Debian Security Advisory DSA 1138-1 (cfs)