The remote host is missing an update to jasper announced via advisory DSA 2036-1.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202036-1

It was discovered that the JasPer JPEG-2000 runtime library allowed an attacker to create a crafted input file that could lead to denial of service and heap corruption. Besides addressing this vulnerability, this updates also addresses a regression introduced in the security fix for CVE-2008-3521, applied before Debian Lenny's release, that could cause errors when reading some JPEG input files. For the stable distribution (lenny), this problem has been fixed in version 1.900.1-5.1+lenny1. For the unstable distribution (sid), this problem has been fixed in version 1.900.1-6. We recommend that you upgrade your jasper package.