The remote host is missing an update to icecast-server announced via advisory DSA 541-1.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20541-1

Markus Wörle discovered a cross site scripting problem in status-display (list.cgi) of the icecast internal webserver, an MPEG layer III streaming server. The UserAgent variable is not properly html_escaped so that an attacker could cause the client to execute arbitrary Java script commands. For the stable distribution (woody) this problem has been fixed in version 1.3.11-4.2. For the unstable distribution (sid) this problem has been fixed in version 1.3.12-8. We recommend that you upgrade your icecast-server package.