GEN:SID 1:2134
Message WEB-IIS register.asp access
Summary This event is generated when an attempt is made to access the file register.asp directly.
Impact Possible administrator access and arbitrary command execution.
Detailed Information Snitz Forums is an Active Server Page (asp) application running on Microsoft Internet Information Server. A vulnerability exists in Snitz Forums that can allow an attacker to inject SQL code of his choice into the application. The file register.asp contains a flaw that can allow an attacker to gain administrator access to the site.

The attacker may be trying to gain administrator access to the host, garner information on users of the system, retrieve sensitive information or be attempting to execute arbitrary code.
Affected Systems Any host using IIS with Snitz Forums.
Attack Scenarios An attacker may inject SQL code of his choice. The attacker might then gain administrator access to the host or database.
Ease of Attack Simple.
Corrective Action Upgrade to the latest non-affected version of the software.

Check the IIS implementation on the host. Ensure all measures have been taken to deny access to sensitive files.

Ensure that the IIS implementation is fully patched.

Ensure that the underlying operating system is fully patched.

Employ strategies to harden the IIS implementation and operating system.

Check the host for signs of compromise.
Additional References  
Rule References nessus: 11621