Summary
The remote host is missing an update to cyrus-sasl announced via advisory DSA 563-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20563-1
Insight
A vulnerability has been discovered in the Cyrus implementation of the SASL library, the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols. The library honors the environment variable SASL_PATH blindly, which allows a local user to link against a malicious library to run arbitrary code with the privileges of a setuid or setgid application.
For the stable distribution (woody) this problem has been fixed in version 1.5.27-3woody2.
For the unstable distribution (sid) this problem has been fixed in version 1.5.28-6.2 of cyrus-sasl and in version 2.1.19-1.3 of cyrus-sasl2.
We recommend that you upgrade your libsasl packages.
Severity
Classification
CVE: CVE-2004-0884
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities