The remote host is missing an update to zoph announced via advisory DSA 1389-2.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201389-2

It was discovered that zoph, a web based photo management system, performs insufficient input sanitising, which allows SQL injection. This is an updated advisory to make the update for oldstable (sarge) available, which had been uploaded to the wrong suite. For the oldstable distribution (sarge) this problem has been fixed in version 0.3.3-12sarge3. For the stable distribution (etch) this problem has been fixed in version 0.6-2.1etch1. For the unstable distribution (sid) this problem has been fixed in version 0.7.0.2-1. We recommend that you upgrade your zoph package.