It is possible to remotely spoof the Microsoft Internet Information Server 5.0, 5.1 and 6.0 SERVER_NAME variable by doing a modified HTTP request. This allows for the revealing of sensitive ASP code through the IIS 500-100.asp error page.
9265062b769c12c9797d72a61a3d47995803db86c2d1079cb92eaf33f0bc6113