GEN:SID 1:1486
Message WEB-IIS ctss.idc access
Summary This event is generated when an attempt is made to access the file ctss.idc.
Impact Remote access.  This attack may permit the execution of arbitrary
commands on the vulnerable server.
Detailed Information This mkilog.exe is a Common Gateway Interface (CGI) script that can be
used to view and modify SQL database contents.  It posts data to another
module, ctss,idc, that creates a table based on the parameters passed to
it.  If an attacker passes parameters such as a valid username and
password to create a table, it may be possible to alter the table to
execute commands on the vulnerable server.
Affected Systems Windows systems.
Attack Scenarios An attacker can attempt to exploit this vulnerability to execute remote
commands on the vulnerable server.
Ease of Attack Easy.  
Corrective Action Delete file /scripts/tools/ctss.idc
Additional References SecurityFocus Mail Archive:
http://www.securityfocus.com/archive/101/200779
Rule References nessus: 10359