Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTPS request.
http://www.iss.net/security_center/static/9174.php
http://archives.neohapsis.com/archives/bugtraq/2002-05/0214.html