The remote Debian host is missing a security-related update.
Klaus-Peter Junghann discovered that insufficient validation of RTCP packets in Asterisk may result in an information leak. Please see the upstream advisory at http://downloads.asterisk.org/pub/security/AST-2017-008.html for additional details.
Upgrade the asterisk packages. For the oldstable distribution (jessie), this problem has been fixed in version 1:11.13.1~dfsg-2+deb8u4. For the stable distribution (stretch), this problem has been fixed in version 1:13.14.1~dfsg-2+deb9u2.