This script is Copyright (C) 2000-2011 Tenable Network Security, Inc.
The remote web server has an information disclosure vulnerability.
The version of FrontPage Extensions running on the remote host has an
information disclosure vulnerability. Using a non-existent file as an
argument to the 'shtml.exe' CGI reveals the local absolute path of the
web root. A remote attacker could use this information to mount
See also :
Upgrade to FrontPage Server Extensions SR1.2 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3