mod_survey 3.0.0 through 3.0.15-pre6 does not check whether a survey exists before creating a subdirectory for it, which allows remote attackers to cause a denial of service (disk consumption and possible crash).
https://exchange.xforce.ibmcloud.com/vulnerabilities/11861
http://www.securityfocus.com/bid/7498
http://gathering.itm.mh.se/modsurvey/changelog.php
http://gathering.itm.mh.se/modsurvey/SA20030504.txt
http://archives.neohapsis.com/archives/bugtraq/2003-05/0058.html