The remote Debian host is missing a security-related update.
Several vulnerabilities were discovered in OpenSSL : - CVE-2016-7056 A local timing attack was discovered against ECDSA P-256. - CVE-2016-8610 It was discovered that no limit was imposed on alert packets during an SSL handshake. - CVE-2017-3731 Robert Swiecki discovered that the RC4-MD5 cipher when running on 32 bit systems could be forced into an out-of-bounds read, resulting in denial of service.
Upgrade the openssl packages. For the stable distribution (jessie), these problems have been fixed in version 1.0.1t-1+deb8u6.