The remote host is missing an update to zoph announced via advisory DSA 989-1. Neil McBride discovered that Zoph, a web based photo management system performs insufficient sanitising for input passed to photo searches, which may lead to the execution of SQL commands through a SQL injection attack. The old stable distribution (woody) does not contain zoph packages.

For the stable distribution (sarge) this problem has been fixed in version 0.3.3-12sarge1. For the unstable distribution (sid) this problem has been fixed in version 0.5-1. We recommend that you upgrade your zoph package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20989-1