Lotus Domino HTTP server allows remote malicious users to determine the real path of the server via a request to a non-existent script in /cgi-bin.
lotus domino server 4.6