CVE-2002-0800
BadBlue 1.7.0 allows remote attackers to list the contents of directories via a URL with an encoded ‘%’ character at the end.
Date published : 2002-07-26
http://www.securityfocus.com/bid/4912
http://archives.neohapsis.com/archives/bugtraq/2002-06/0003.html