| VID |
21182 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
There is a serious vulnerability in Windows 2000 (unpatched by SP1) that allows an attacker to view ASP/ASA source code instead of a processed file.
ASP source code can contain sensitive information such as usernames and passwords for ODBC connections. |
| Recommendation |
Install all the latest Microsoft Security Patches (Note: This vulnerability is eliminated by installing Windows 2000 Service Pack 1) |
| Related URL |
CVE-2000-0778 (CVE) |
| Related URL |
1578 (SecurityFocus) |
| Related URL |
5095 (ISS) |
|
