Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1.
http://www.cirt.dk/advisories/cirt-33-advisory.pdf
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10097766.htm
http://securitytracker.com/id?1014177
http://secunia.com/advisories/15676
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034536.html