The quickest way to find file and directory traversal bugs is to throw unusual filenames at the application and watch how it behaves. Try some of the following:
AUX
CON
LPT1
PRN.TXT
..\..\AUX
/dev/null
/dev/random
/dev/urandom
../../dev/random
\\servername\c$
\\servername\ipc$
See if the application hangs or crashes; if it does, you may have hit code that anticipated real, honest-to-goodness files! A hang is especially telling: a read from /dev/random can block when the system has little entropy, and an open of CON or LPT1 on Windows waits on a device rather than a file. Also, see if you can access files you shouldn't be able to access, such as /etc/passwd on a Unix box.
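As an added example that is not from the book, here is a small Python harness that throws the probe names above at a file-serving routine and records whether each one is rejected, accepted (and which path it would open), crashes the handler, or hangs it. It includes a constructed naive handler that joins the name onto a base directory without checks, a constructed hardened handler that refuses reserved device names, UNC paths and traversal before confining the canonical path to the base directory, and a constructed handler that blocks on anything ending in "random" to show hang detection. The base directory, the extra probes and all function names are assumptions.

```python
import os
import threading

# Probe names from the text, plus a constructed traversal probe and a benign control name.
PROBES = [
    "AUX", "CON", "LPT1", "PRN.TXT", r"..\..\AUX",
    "/dev/null", "/dev/random", "/dev/urandom", "../../dev/random",
    r"\\servername\c$", r"\\servername\ipc$",
    "../../../../etc/passwd",   # constructed: the classic Unix target
    "report.txt",               # constructed: an ordinary name that should be accepted
]

# Windows reserved device names; "PRN.TXT" still names the printer, so only the stem matters.
WINDOWS_DEVICES = ({"CON", "PRN", "AUX", "NUL"}
                   | {f"COM{i}" for i in range(1, 10)}
                   | {f"LPT{i}" for i in range(1, 10)})


def classify(name):
    """Return the set of reasons a user-supplied filename is dangerous (empty if it looks ordinary)."""
    reasons = set()
    unified = name.replace("\\", "/")           # treat both separators alike
    parts = [p for p in unified.split("/") if p]
    if ".." in parts:
        reasons.add("traversal")
    if unified.startswith("//"):
        reasons.add("unc")                      # \\server\share
    if unified.startswith("/"):
        reasons.add("absolute")
    if "dev" in parts[:-1]:
        reasons.add("unix-device-dir")          # /dev/random, ../../dev/random, ...
    stem = (parts[-1] if parts else "").split(".")[0].upper()
    if stem in WINDOWS_DEVICES:
        reasons.add("windows-device")
    return reasons


def naive_resolve(base_dir, name):
    """Constructed stand-in for a vulnerable handler: joins the name onto base_dir without any checks."""
    return os.path.join(base_dir, name)


def resolve_under(base_dir, name):
    """Hardened version: reject suspicious names, then confine the canonical path to base_dir."""
    reasons = classify(name)
    if reasons:
        raise ValueError(f"rejected {name!r}: {sorted(reasons)}")
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, name))
    if os.path.commonpath([base, target]) != base:
        raise ValueError(f"rejected {name!r}: resolves outside {base}")
    return target


def blocking_resolve(base_dir, name):
    """Constructed stand-in for code that opens the name and blocks, as a read of /dev/random can."""
    if name.endswith("random"):
        threading.Event().wait()                # never set: the handler hangs forever
    return os.path.join(base_dir, name)


def fuzz(handler, base_dir, probes, timeout=2.0):
    """Throw each probe at handler; map name -> ('accepted', path) | ('rejected', msg) | ('crashed', exc) | ('hang', None)."""
    results = {}
    for name in probes:
        outcome = {}

        def run(n, out):
            try:
                out["accepted"] = handler(base_dir, n)
            except ValueError as e:             # the handler's own validation said no
                out["rejected"] = str(e)
            except Exception as e:              # anything else is a crash worth a closer look
                out["crashed"] = repr(e)

        t = threading.Thread(target=run, args=(name, outcome), daemon=True)
        t.start()
        t.join(timeout)
        if t.is_alive():                        # still running after the deadline: treat as a hang
            results[name] = ("hang", None)
        else:
            kind, value = next(iter(outcome.items()))
            results[name] = (kind, value)
    return results


if __name__ == "__main__":
    for label, handler in (("naive", naive_resolve), ("hardened", resolve_under)):
        print(f"== {label}")
        for name, (kind, value) in fuzz(handler, "/srv/app/uploads", PROBES).items():
            print(f"{kind:9} {name!r:28} {value if kind == 'accepted' else ''}")
```

Against a real target the handler would be a function that sends the name over HTTP and returns the response; the classification logic stays the same. The naive handler accepts every probe and happily hands back /dev/null or a path ending in etc/passwd, the hardened one rejects everything except the ordinary control name, and the wall-clock timeout in `fuzz` is what turns a blocked read into a reportable "hang" rather than a stuck test run.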
As with a number of other sins in this book, the most reliable way to find these issues is a thorough security code review: look for every place a filename or path is built from user input and check what validation and canonicalization it gets before the file is opened.