GEN:SID 1:1017
Message WEB-IIS idc-srch attempt
Summary This event is generated when an attempt is made to exploit a buffer overflow associated with a file with an extension of .idc.
Impact Remote access.  This attack may permit the execution of arbitrary commands on the vulnerable server.
Detailed Information Microsoft Internet Information Service (IIS) supports file extensions including .idc that call the ISM.DLL.  A buffer overflow vulnerability exists in ISM.DLL code when it receives a malformed request, permitting the execution of arbitrary code.  
Affected Systems IIS 4.0 hosts
Attack Scenarios An attacker can send a malformed request of file with a .idc extension that causes a buffer overflow.
Ease of Attack Simple.  Exploit code is freely available.
Corrective Action Upgrade to a more current version of IIS.
Additional References CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0874

Rule References cve: 1999-0874