The remote host is missing an update to the system as announced in the referenced advisory.

Update your system with the appropriate patches or software upgrades. http://secunia.com/advisories/33533/ http://www.vuxml.org/freebsd/40774927-f6b4-11dd-94d9-0030843d3802.html

The following package is affected: phplist CVE-2009-0422 Dynamic variable evaluation vulnerability in lists/admin.php in phpList 2.10.8 and earlier, when register_globals is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the _SERVER[ConfigFile] parameter to admin/index.php.