https://www.exploit-db.com/exploits/25163

漏洞细节尚未披露

source: http://www.securityfocus.com/bid/12662/info

A vulnerability has been identified in the handling of certain types of requests by CIS WebServer. Because of this, it is possible for an attacker to gain access to potentially sensitive system files.

The problem is in the handling of directory traversal strings. This issue could be exploited to gain read access to files on a host using the vulnerable software. 

http://www.example.com/../../../windows/repair/sam