It indicates a potential path disclosure vulnerability in Microsoft Internet Information Service (IIS).
IIS 5.1 web server may have a vulnerability that allows remote users to access sensitive system information from configuration (.cnf) files by submitting a specially-crafted request.
Any unprotected IIS 5.1 is vulnerable to the attack.
Attackers can gain sensitive information on the victim system.
Apply appropriate patches or Upgrade the system to the latest non-vulnerable version.