I know i am going to get major flamed for this but oh well

Like i said in another post. I will be the first to admit that I dont know as much as i would like to know but I am trying. From reading tutorials,website to going to places like this. But luckly my work has signed up for Mindleaders so I am getting free training now for free with many topics like IIS 4 , TCP/IP , LAN , C++ , Visual basics 4-6 , Unix , and A+ certification

So i hope that this will help speed up the learning process

Anyways on to my point

What i was wondering is in the post that someone found a server with a bunch of exploits on it and that it runs arbritary code you can gain access

Ok this was the code:
GET /_vti_bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe

What i want to know is what /..%c0%af../ means..... I have a little html knowledge so i know (or at least am assuming ) that the % = space as for the C0 and AF i dont know

Also if you have any where where i can go to learn the Microsoft Exploits for IIS servers that would be appreceated

I have been looking but all i can find are reports about them, what i want to know is how they are done....Dont get me wrong though i am not just some skipt kiddie who is going to go exploiting every IIS server that I can, I just want to know the logic behind it what it does and how it works and how to do it

Thanks