The remote host is missing an update to gallery announced via advisory DSA 355-1.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20355-1

Larry Nguyen discovered a cross site scripting vulnerability in gallery, a web-based photo album written in php. This security flaw can allow a malicious user to craft a URL that executes Javascript code on your website. For the current stable distribution (woody) this problem has been fixed in version 1.25-8woody1. For the unstable distribution (sid) this problem has been fixed in version 1.3.4-3. We recommend that you update your gallery package.