vWebServer 1.2.0 allows remote attackers to cause a denial of service via a URL that contains MS-DOS device names.Referenceshttp://online.securityfocus.com/archive/1/194418http://www.securityfocus.com/bid/2978
