The remote host is missing an update to the system as announced in the referenced advisory.

Update your system with the appropriate patches or software upgrades. http://secunia.com/advisories/31519 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495432 http://www.vuxml.org/freebsd/27d78386-d35f-11dd-b800-001b77d09812.html

The following packages are affected: awstats awstats-devel CVE-2008-3714 Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.8 allows remote attackers to inject arbitrary web script or HTML via the query_string, a different vulnerability than CVE-2006-3681 and CVE-2006-1945. CVE-2008-5080 awstats.pl in AWStats 6.8 and earlier does not properly remove quote characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the query_string parameter. NOTE: this issue exists because of an incomplete fix for CVE-2008-3714.