The remote host is missing an update to opensaml2 announced via advisory DSA 2284-1.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202284-1

Juraj Somorovsky, Andreas Mayer, Meiko Jensen, Florian Kohlar, Marco Kampmann and Joerg Schwenk discovered that Shibboleth, a federated web single sign-on system is vulnerable to XML signature wrapping attacks. More details can be found in the Shibboleth advisory at http://shibboleth.internet2.edu/security-advisories.html For the oldstable distribution (lenny), this problem has been fixed in version 2.0-2+lenny3. For the stable distribution (squeeze), this problem has been fixed in version 2.3-2+squeeze1. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your opensaml2 packages.