Reported January 6, 2002, by Tamer Sahin.
AOLserver 3.4.2 for Windows
Because of a vulnerability in AOLserver 3.4.2 for Windows, an attacker can gain read access of known files residing on an AOLserver host.
The discoverer posted the examples of “http://host/nstelemetry.adp” and “http://host/passwordprotected.file” as proof-of-concept.
The vendor, America Online, is aware of the problem but hasn't issued a patch.