Anyone with access to the WinNT or Temp directories on the server could obtain the sa account (system administrator) passwords and thereby have full access to your databases.
Microsoft recommends that you apply the latest service pack that is available and has provided corrections for both SQL Server Service Pack 2 and Service Pack 3. To download these service packs, see Additional Resources.
Alternatively, you can search for and delete all copies of the Sqlstp.log file. To ensure that the file cannot be recovered, you may want to delete it permanently by holding down the SHIFT key and dragging the file to the Recycle Bin. (Note: On computers running Windows 2000, the Temp directory is set under Environment Variables on the Advanced tab of the System Control Panel.)
FIX: Service Pack Installation May Save Standard Security Password in File (Q263968)
Microsoft Security Bulletin (MS00-035): Frequently Asked Questions
⌐ 2002 Microsoft Corporation. All rights reserved.