The remote host is missing an update to cacti announced via advisory DSA 2039-1.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202039-1

It was discovered that Cacti, a frontend to rrdtool for monitoring systems and services missed input sanitising, making an SQL injection attack possible. For the stable distribution (lenny), this problem has been fixed in version 0.8.7b-2.1+lenny2. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your cacti package.