The remote Debian host is missing a security-related update.
Pound, a HTTP reverse proxy and load balancer, had several issues related to vulnerabilities in the Secure Sockets Layer (SSL) protocol. For Debian 7 (wheezy) this update adds a missing part to make it actually possible to disable client-initiated renegotiation and disables it by default (CVE-2009-3555 ). TLS compression is disabled (CVE-2012-4929 ), although this is normally already disabled by the OpenSSL system library. Finally it adds the ability to disable the SSLv3 protocol (CVE-2014-3566 ) entirely via the new 'DisableSSLv3' configuration directive, although it will not disabled by default in this update. Additionally a non-security sensitive issue in redirect encoding is addressed. For Debian 8 (jessie) these issues have been fixed prior to the release, with the exception of client-initiated renegotiation (CVE-2009-3555 ). This update addresses that issue for jessie.
Upgrade the pound packages. For the oldstable distribution (wheezy), these problems have been fixed in version 2.6-2+deb7u1. For the stable distribution (jessie), these problems have been fixed in version 2.6-6+deb8u1.