GEN:SID 1:2235
Message WEB-MISC SpamExcp.dll access
Summary This event is generated when an attempt is made to exploit a buffer
overflow in Trend Micro InterScan eManager.
Impact Serious. Remote administrative access is possible.
Detailed Information Versions of Trend Micro InterScan eManager suffer from a buffer overflow
condition that can present an attacker with the opportunity to execute
arbitrary code of their choosing which could lead to remote access to
the server.
Affected Systems Trend Micro InterScan eManager 3.51
Attack Scenarios If the buffer overflow condition is met, the attacker can run code of
their choosing on the affected host.
Ease of Attack Moderate.
Corrective Action Upgrade to the latest non-affected version of the software.

Disable the web interface

Enable NTLM authentication for the administrative interface
Additional References Bugtraq:
http://www.securityfocus.com/bid/3327
Rule References bugtraq: 3327
cve: 2001-0958
nessus: 11747