Because the plugin is very famous ,so this makes quite easy for hackers to play with WordPress blogs. Author also publish a simple shell script to identify and exploit this bug.
We would like to recommend webmasters to either upgrade the plugin to new version or deny access to plugin directory by making an extra .htccess in that folder.
Update 29-Dec-2012 : WordPress plugin W3 Total Cache updated to version 0.9.2.5 with fix for above vulnerability.
Change Log : Fixed security issue that can occur if using database caching to disk. If using database caching to disk with a web server with directory listing or web accessible wp-content/w3tc/dbcache/* directories. This patch works for all hosting environments / types where PHP is properly configured, i.e. .htaccess modifications (or other web server configuration changes) are *not* necessary to ensure proper security. Empty the database cache after performing the update if you use database caching to disk.
Download W3 Total Cache Plugin for Wordpress