The remote host is missing an update to openssl announced via advisory DSA 2454-2.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202454-2

Tomas Hoger, Red Hat, discovered that the fix for CVE-2012-2110 for the 0.9.8 series of OpenSSL was incomplete. It has been assigned the CVE-2012-2131 identifier. For reference, the original description of CVE-2012-2110 from DSA-2454-1 is quoted below: CVE-2012-2110 Tavis Ormandy, Google Security Team, discovered a vulnerability in the way DER-encoded ASN.1 data is parsed that can result in a heap overflow. For the stable distribution (squeeze), this problem has been fixed in version 0.9.8o-4squeeze12. The testing distribution (wheezy), and the unstable distribution (sid), are not affected by this issue. We recommend that you upgrade your openssl packages.