The remote host is missing an update to the system as announced in the referenced advisory.

Update your system with the appropriate patches or software upgrades. http://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00044.html http://www.vuxml.org/freebsd/316e1c9b-671c-11d8-9aad-000a95bc6fae.html

The following package is affected: hsftp CVE-2004-0159: A format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via file names containing format string characters that are not properly handled when executing an 'ls' command.