The remote host is vulnerable to a local 'directory traversal' flaw.
The remote host is running the IBM AIX WebSM, a web-based system manager. This version of WebSM is vulnerable to a flaw where local users can gain access to potentially confidential data by passing a malformed query to the getCommand.new utility. Specifically, a request for a file like '../../../../<filename>' will retrieve the file as if the system manager had requested it.
No solution is known at this time.