GEN:SID 1:1817
Message WEB-IIS MS Site Server default login attempt
Summary This event is generated when an attempt is made to log on to Microsoft Site Server with a default account.
Impact Information gathering.  This attack may permit leaking of information associated with particular Site Server files.
Detailed Information Microsoft Site Server is software for Windows NT servers that allows users to publish, find, and share information.  There is a vulnerability that allows leaking of information of some Site Server files when an attacker logs on with the username of 'LDAP_AnonymousUser' and a password of 'LdapPassword_1'.
Affected Systems Microsoft Site Server 3.0
Attack Scenarios An attacker can log on to Site Server using a default username and password to view Site Server files.
Ease of Attack Simple.
Corrective Action Apply Service Pack 4.

Additional References Nessus
http://cgi.nessus.org/plugins/dump.php3?id=11018
Rule References nessus: 11018