Cisco has warned its Secure Access Control Server for Unix implements the Acme.server and is therefore vulnerable to a directory traversal vulnerability.
This affects version 2.0 up to and including version 2.3.5.1 of Cisco Secure ACS for Unix Server.
More information on the vulnerability, as well as a workaround, is available at:http://www.cisco.com/warp/public/707/acmeweb-acsunix-dirtravers-vuln-pub.shtml.