The WebDAV PROPFIND Method retrieves properties for a resource identified by the request Uniform Resource Identifier (URI). If Directory Browsing is enabled, a list of all resources and their properties under this directory is returned in the response. Using this method is possible to obtain a rescursive directory listing of all the files&folders from this URI. This may help an attacker to learn more about his target.
Possible sensitive information disclosure.
Disable or remove WebDAV if you don't need it on this server. Otherwise, restrict Directory Browsing permissions to select URIs.
How to disable WebDAV for IIS 5.0