Summary
The remote host is missing an update to jftpgw announced via advisory DSA 510-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20510-1
Insight
jaguar@felinemenace.org discovered a vulnerability in jftpgw, an FTP proxy program, whereby a remote user could potentially cause arbitrary code to be executed with the privileges of the jftpgw server process.
By default, the server runs as user nobody.
CVE-2004-0448: format string vulnerability via syslog(3) in log() function
For the current stable distribution (woody) this problem has been fixed in version 0.13.1-1woody1.
For the unstable distribution (sid), this problem has been fixed in version 0.13.4-1.
We recommend that you update your jftpgw package.
Severity
Classification
CVE: CVE-2004-0448
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C