From the OSVDB page:

Apache Win32 contains a flaw that allows a remote attacker to determine the physical path of the web server installation. The issue is due to .var file request error messages providing too much information.