I haven't seen any advisories for IBM HTTP SERVER running Apache.
There is a crucial number of "/" (forward slash) you can use to retrieve the contents of the root directory of this particular Web Server. Using this vulnerability, you can retrieve any files or scripts running from that directory and sub-directories.
The number of "/" used to reproduce this can be different from one server to another. I don't have enough time to do more testing. However, feel free to add some more info to this quick advisory.
You can get a trial copy at:
Vulnerable: Server: IBM_HTTP_Server/18.104.22.168 Apache/1.3.7-dev (Win32)
Not Vulnerable: Server: IBM_HTTP_Server/22.214.171.124 Apache/1.3.7-dev (Unix)
If you send a GET request of 210 "/", you get: The actual Web Page.
If you send a GET request of 211 "/", you get: Index of /
If you send a GET request of 212 "/", you get:
Forbidden You don't have permission to access "/" x 212 on this server.