AQTRONIX Security Advisory AQ-2003-02 - When an HTTP request with the verb TRACK under Microsoft IIS 5.0 is performed, the transaction is not logged. This can lead to the server being utilized for XST attacks along with other tactics for information gathering. Microsoft silently fixed this bug in IIS 6.0.
1cc8f2eec00f14d310835e89c0e3a53b9d47467a9845df76a8e8d4c71dfffb75