The Mini FTP server in Novell iChain 2.2 and 2.3 SP2 and earlier allows remote unauthenticated attackers to obtain the full path of the server via the PWD command.
https://exchange.xforce.ibmcloud.com/vulnerabilities/19643
http://www.securityfocus.com/bid/12766
http://www.infobyte.com.ar/adv/ISR-03.html
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10096886.htm
http://securitytracker.com/id?1013407