Chris Largret wrote:
This full-path disclosure showed up on BugTraq a couple hours ago. Just in case you missed it, you can find a copy here:
http://www.securityfocus.com/archive/1/419706/30/0/threaded
-- Chris Largret http://daga.dyndns.org
And an appropriate analysis posted as a follow up:
http://www.securityfocus.com/archive/1/419710/30/0/threaded
Not at all surprising as already said.