gftp has format string errors in server response code. "Changes from 2.0.7b to 2.0.8pre1 Fixed format string security problem in logging of ftp and http responses" Server can crash/run code in gftp-client. This same problem is in earlier Red Hat gftp releases.
I mailed the upstream author to ask if we should use the beta or backport the fix to the stable version.