The remote host is missing an update to orisis announced via advisory DSA 1129-1. Ulf Harnhammar and Max Vozeler from the Debian Security Audit Project have found several format string security bugs in osiris, a network-wide system integrity monitor control interface. A remote attacker could exploit them and cause a denial of service or execute arbitrary code.

For the stable distribution (sarge) these problems have been fixed in version 4.0.6-1sarge1. For the unstable distribution (sid) these problems have been fixed in version 4.2.0-2. We recommend that you upgrade your osiris packages. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201129-1