GroupWise WebAccess 5.5 with directory indexing enabled allows a remote malicious user to view arbitrary directory contents via an HTTP request with a lowercase "get".
novell groupwise 5.5
Vulmon