The remote host is missing an update to netpbm-free announced via advisory DSA 878-1. A buffer overflow has been identified in the pnmtopng component of the netpbm package, a set of graphics conversion tools. This vulnerability could allow an attacker to execute arbitrary code as a local user by providing a specially crafted PNM file. The old stable distribution (woody) it not vulnerable to this problem.

For the stable distribution (sarge) this problem has been fixed in version 10.0-8sarge1. For the unstable distribution (sid) this problem has been fixed in version 10.0-10. We recommend that you upgrade your netpbm-free packages. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20878-1