This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote web server is affected by an information disclosure
The version of Apache installed on the remote Windows host can be
tricked into disclosing the source of its CGI scripts because of a
configuration issue. Specifically, if the CGI directory is located
within the document root, then requests that alter the case of the
directory name will bypass the mod_cgi cgi-script handler and be
treated as requests for ordinary files.
See also :
Reconfigure Apache so that the scripts directory is located outside
of the document root.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 4.1
Public Exploit Available : true