The remote Debian host is missing a security-related update.
Several vulnerabilities were discovered in rsync, a fast, versatile, remote (and local) file-copying tool, allowing a remote attacker to bypass intended access restrictions or cause a denial of service.
Upgrade the rsync packages. For the oldstable distribution (jessie), these problems have been fixed in version 3.1.1-3+deb8u1. For the stable distribution (stretch), these problems have been fixed in version 3.1.2-1+deb9u1.