GEN:SID 1:1043
Message WEB-IIS viewcode.asp access
Summary This event is generated when an attempt is made to access the file
'viewcode.asp' on a web server.
Impact If successful, this attack will display the contents of any file on the
server.   In addition, it has been reported that this tool is vulnerable
to a denial of service attack.
Detailed Information 'viewcode.asp' is a utility that ships with various Microsoft products
and is meant to allow web site administrators to view the code of active
server pages during development.   As it will display the contents of
any file on the server, it should not be present on a production system,
but is installed by default with some products or as an option on
others.

Also, the tool may be vulnerable to a denial of service attack.
Affected Systems Microsoft Site Server 3.0
    Microsoft Site Server 3.0 Commerce Edition
    Microsoft Commercial Internet System 2.0
    Microsoft BackOffice Server 4.0
    Microsoft BackOffice Server 4.5
    Microsoft Internet Information Server 4.0
Attack Scenarios An attacker can use this tool to steal data or to gather user
names/passwords and other information that could facilitate other types
of attack.
Ease of Attack Simple. No exploit software required.
Corrective Action Remove any copies of 'viewcode.asp' from your server.
Additional References Insecure.org
http://www.insecure.org/sploits/ms.backoffice.source.html

Microsoft
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q231368&sd=tech
Rule References cve: 1999-0737
nessus: 10576