SurgeFTP is "a commercial FTP server which supports also SSL/TLS and has a web interface for remote administration". A vulnerability in the way SurgeFTP's web management interface handles invalid Content-Length values allows remote attackers to cause it to crash.

http://www.securiteam.com/windowsntf...OP0L1PNFO.html