• The file _vti_pvt/authors.pwd can be read. This file contains sensitive information and should not be available.

• Restrict access to this file be settings proper permissions to _vti_pvt directory or directly to authors.pwd.

• • Microsoft IIS Homepage

• 

• CWE-538

• Configuration Information Disclosure

• Web Application Firewall detected
• Apache Tomcat version older than 6.0.35
• Oracle applications logs publicy available
• Apache configured to run as proxy
• TRACE method is enabled