The remote host seems to be using the Mozilla Network Security Services (NSS) Library, a set of libraries designed to support the developement of security-enabled client/server application. There seems to be a flaw in the remote version of this library, in the SSLv2 handling code, which may allow an attacker to cause a heap overflow and therefore execute arbitrary commands on the remote host. To exploit this flaw, an attacker would need to send a malformed SSLv2 'hello' message to the remote service.

Upgrade the remote service to use NSS 3.9.2 or newer.