The remote host is missing an update to the system as announced in the referenced advisory.

Update your system with the appropriate patches or software upgrades.

The following package is affected: joomla15 CVE-2008-3681 components/com_user/models/reset.php in Joomla! 1.5 through 1.5.5 does not properly restrict access, which allows remote attackers to reset the 'first enabled user (lowest id)' password, typically for the administrator.