Description of problem:
Account name as shown there is too long for our ftp, but a name longer than 128 chars should do to reproduce.
The problem is in cmds.c account():
1840 strncat(buf, *argv, sizeof(buf)-strlen(buf));
1841 buf[sizeof(buf)-1] = 0;
strncat always writes terminating null, so this should say sizeof(buf)-strlen(buf)-1. Line 1841 should be redundant.
So this is one byte overflow with '\0', triggered by (trusted) user input, caught by fortify source.