There is a serious vulnerability in Windows 2000 (unpatched by SP1) that allows an attacker to view ASP/ASA source code instead of a processed file. ASP source code can contain sensitive information such as username's and passwords for ODBC connections.

install all the latest Microsoft Security Patches (Note: This vulnerability is eliminated by installing Windows 2000 Service Pack 1)