Directory traversal

Directory traversal vulnerability in DirHandler lib/mongrel/handlers.rb in Mongrel 1.0.4 and 1.1.x before 1.1.3 allows remote attackers to read arbitrary files via an HTTP request containing double-encoded sequences ".%252e"...