The remote Debian host is missing a security-related update.
Zhaoyang Wu discovered that cURL, an URL transfer library, contains a buffer overflow in the NTLM authentication code triggered by passwords that exceed 2GB in length on 32bit systems. See https://curl.haxx.se/docs/CVE-2018-14618.html for more information.
Upgrade the curl packages. For the stable distribution (stretch), this problem has been fixed in version 7.52.1-5+deb9u7.