The remote server may allow attackers to retrieve or modify sensitive files.
The remote host is running SSH 1.2.3 or 1.2 (as a client). There is a vulnerability in this version that allows a malicious scp server to overwrite arbitrary files via a directory traversal bug. An attacker may use this flaw to compromise this host. To exploit it, the attacker would have to compromise a host to which users of this host are SSH'ing into, and then to set up a trojaned version of scp which would overwrite files on this host
Upgrade to version 2.1 or higher.