The remote host is missing an update to awstats announced via advisory DSA 1679-1.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201679-1

Morgan Todd discovered a cross-site scripting vulnerability in awstats, a log file analyzer, involving the config request parameter (and possibly others CVE-2008-3714). For the stable distribution (etch), this problem has been fixed in version 6.5+dfsg-1+etch1. The unstable (sid) and testing (lenny) distribution will be fixed soon. We recommend that you upgrade your awstats package.