CVE-2011-0203
Absolute path traversal vulnerability in xftpd in the FTP Server component in Apple Mac OS X before 10.6.8 allows remote attackers to list arbitrary directories by using the root directory as the starting point of a recursive listing.
Date published : 2011-06-24
http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html