Synopsis :

It is possible to access arbitrary files from the remote
system.

Description :

The 'view_source' CGI is installed. This CGI has a well
known security flaw that lets an attacker read arbitrary
files with the privileges of the http daemon (usually root
or nobody).

Solution :

remove it from /cgi-bin.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N)
CVSS Temporal Score : 5.8
(CVSS2#E:U/RL:OF/RC:ND)
Public Exploit Available : false