CVE-2002-0138

CDRDAO 1.1.4 and 1.1.5 allows local users to read arbitrary files via the show-data command.