The remote host is missing an update to netpbm-free announced via advisory DSA 904-1. Greg Roelofs discovered and fixed several buffer overflows in pnmtopng which is also included in netpbm, a collection of graphic conversion utilities, that can lead to the execution of arbitrary code via a specially crafted PNM file. For the old stable distribution (woody) these problems have been fixed in version 9.20-8.5.

For the stable distribution (sarge) these problems have been fixed in version 10.0-8sarge2. For the unstable distribution (sid) these problems will be fixed in version 10.0-11. We recommend that you upgrade your netpbm package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20904-1