The remote host is missing an update to ntp announced via advisory DSA 1801-1.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201801-1

Several remote vulnerabilities have been discovered in NTP, the Network Time Protocol reference implementation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0159 A buffer overflow in ntpq allow a remote NTP server to create a denial of service attack or to execute arbitrary code via a crafted response. CVE-2009-1252 A buffer overflow in ntpd allows a remote attacker to create a denial of service attack or to execute arbitrary code when the autokey functionality is enabled. For the old stable distribution (etch), these problems have been fixed in version 4.2.2.p4+dfsg-2etch3. For the stable distribution (lenny), these problems have been fixed in version 4.2.4p4+dfsg-8lenny2. The unstable distribution (sid) will be fixed soon. We recommend that you upgrade your ntp package.