The remote Debian host is missing a security-related update.
An information disclosure vulnerability was discovered in the Service Discovery Protocol (SDP) in bluetoothd, allowing a proximate attacker to obtain sensitive information from bluetoothd process memory, including Bluetooth encryption keys.
Upgrade the bluez packages. For the oldstable distribution (jessie), this problem has been fixed in version 5.23-2+deb8u1. For the stable distribution (stretch), this problem has been fixed in version 5.43-2+deb9u1.