The remote host is missing an update to xpcd announced via advisory DSA 508-1.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20508-1

Jaguar discovered a vulnerability in one component of xpcd, a PhotoCD viewer. xpcd-svga, part of xpcd which uses svgalib to display graphics on the console, would copy user-supplied data of arbitrary length into a fixed-size buffer in the pcd_open function. For the current stable distribution (woody) this problem has been fixed in version 2.08-8woody2. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you update your xpcd package.