GEN:SID 1:1020
Message WEB-IIS isc$data attempt
Summary This event is generated when an attempt is made to exploit a buffer overflow associated with a file with a .idc extension.
Impact Remote access.  This attack may permit the execution of arbitrary commands on the vulnerable server.
Detailed Information Microsoft Internet Information Service (IIS) supports file extensions including .idc that call the ISM.DLL.  A buffer overflow vulnerability exists in ISM.DLL code when it receives a malformed request, permitting the execution of arbitrary code.  
Affected Systems IIS 4.0 hosts
Attack Scenarios An attacker can send a malformed request containing a file name with an extension of .idc, possibly causing a buffer overflow.
Ease of Attack Simple.  Exploit code is freely available.
Corrective Action Upgrade to a more current version of IIS.
Additional References CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0874

Bugtraq:
http://www.securityfocus.com/bid/307

Rule References bugtraq: 307
cve: 1999-0874
nessus: 10116