Microsoft IIS 5.0 ServerVariables_Jscript.asp Path Disclosure
Medium Nessus Plugin ID 10573
SynopsisThe remote web server is affected by an information disclosure vulnerability.
DescriptionA sample application shipped with IIS 5.0 discloses the physical path of the web root. An attacker can use this information to make more focused attacks.
SolutionAlways remove sample applications from productions servers. In this case, remove the entire /iissamples folder.