The remote host is missing an update to trac announced via advisory DSA 739-1. Stefan Esser discovered an input validation flaw within Trac, a wiki and issue tracking system, that allows download/upload of files and therefore can lead to remote code execution in some configurations. The old stable distribution (woody) does not contain the trac package.

For the stable distribution (sarge) this problem has been fixed in version 0.8.1-3sarge2. For the unstable distribution (sid) this problem has been fixed in version 0.8.4-1. We recommend that you upgrade your trac package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20739-1