Aside: ability to view ASP/ColdFusion code

This applies as well to perl and cgi scripts (cgi in iis3.0)

For example:$DATA

MS hasn't fixed their own site (heh), but they promise a fix today.$DATA

In the meantime, Christoph Wille <> from Sofwing
has graciously
made available an IIS ISAPI filter that will protect a site from the ::$DATA
vulnerability. You can find it at