URLScan and UseFastPathReject fix to stop disclosure of sensitive information
There is a flag in URLScan 3 to stop URL Scan redirecting dodgy requests and instead sending back a 404 response quickly, this is "UseFastPathReject=1" (by default it is 0) The issue outlined: http://www.securityfocus.com/bid/7767/info The fix explained: http://www.securityfocus.com/archive/1/323389