Mandrake Linux advises that a problem exists with all Apache servers prior to version 1.3.19. "The vulnerablity could allow directory indexing and path discovery on the vulnerable servers with a custom crafted request consisting of a long path name created artificially by using numerous slashes. This can cause modules to misbehave and return a listing of the directorycontents by avoiding the error page."
Read more at http://www.linux-mandrake.com/en/security/