Microsoft IIS 5.0 Indexed Directory Disclosure Vulnerability
Microsoft has released a knowledge base article detailing solutions for this issue. It is available at the location below:
Microsoft recommends the following:
- If you are not using Index Server (for example, you don't have content on your Web site that you want to have searched), disable or uninstall the service.
- In directories that contain sensitive information, make sure to disable the Index this resource option on the appropriate tab (for example, a virtual directory on the Virtual Directory tab).