this is already reported on 2006-03-25 see -> http://www.securityfocus.com/bid/17250 or http://www.milw0rm.com/exploits/1611