The owserver module in owfs and owhttpd 2.5p5 and earlier does not properly check the path type, which allows attackers to cause a denial of service (application crash) related to use of the path in owshell.
https://exchange.xforce.ibmcloud.com/vulnerabilities/30080
http://www.vupen.com/english/advisories/2006/4381
http://www.securityfocus.com/bid/20953
http://sourceforge.net/project/shownotes.php?release_id=461204