GEN:SID 1:2369
Message WEB-MISC ISAPISkeleton.dll access
Summary This event is generated when an attempt is made to access ISAPISkeleton.dll on a
web server. This may indicate an attempt to exploit a cross-site
scripting vulnerability in BRS WebWeaver.
Impact Arbitrary code execution, possible session hijack.
Detailed Information This event indicates that an attempt has been made to exploit a
cross-site scripting vulnerability in BRS WebWeaver .
An attacker can pass an argument to ISAPISkeleton.dll that may contain
malicious code that could be executed on the victims machine.
Affected Systems BRS WebWeaver
Attack Scenarios An attacker can pass a specific argument to ISAPISkeleton.dll that may
contain malicious code.
Ease of Attack Simple.
Corrective Action Upgrade to the latest non-affected version of the software
Additional References  
Rule References bugtraq: 9516