Directory traversal vulnerability in httpd in Rob Landley BusyBox allows remote attackers to read arbitrary files via URL-encoded "%2e%2e/" sequences in the URI.
http://www.securityfocus.com/bid/20067
http://www.securityfocus.com/archive/1/446228/100/0/threaded