GEN:SID 1:962
Message WEB-FRONTPAGE shtml.exe access
Summary This event is generated when an attempt is made to exploit a known
vulnerability in a web server running Microsoft FrontPage
Server Extensions.
Impact Information gathering and system integrity compromise. Possible unauthorized
administrative access to the server or application. Possible execution
of arbitrary code of the attackers choosing in some cases. Denial of
Service is possible.
Detailed Information This event is generated when an attempt is made to compromise a host
running Microsoft FrontPage Server Extensions. Many known
vulnerabilities exist for this platform and the attack scenarios are
legion.
Affected Systems All systems running Microsoft FrontPage Server Extensions
Attack Scenarios Many attack vectors are possible from simple directory traversal to
exploitation of buffer overflow conditions.
Ease of Attack Simple. Many exploits exist.
Corrective Action Ensure the system is using an up to date version of the software and has
had all vendor supplied patches applied.
Additional References  
Rule References bugtraq: 1174
bugtraq: 1608
bugtraq: 5804
cve: 2000-0413
cve: 2000-0709
cve: 2002-0692
nessus: 10405
nessus: 11311