Microsoft IIS / Site Server codebrws.asp Arbitrary Source Disclosure
Medium Nessus Plugin ID 10956
SynopsisSome files may be read on the remote host.
DescriptionMicrosoft's IIS 5.0 web server is shipped with a set of sample files to demonstrate different features of the ASP language. One of these sample files allows a remote user to view the source of any file in the web root with the extension .asp, .inc, .htm, or .html.
SolutionApply the patch referenced above.