I work at a large university and our Axis content server was recently quarantined by our IT department because "The Information Security Office has found the following system has one or more outstanding high-risk Microsoft vulnerabilities which requires your immediate attention. ... In this case, an attacker could send a specially constructed request which crashes the server, executes arbitrary code with the privileges of the web server, bypasses access restrictions on WebDAV server, or reveals the source code of ASP pages. More information about the specific vulnerabilities that were assessed can be found at: http://www.microsoft.com/technet/security/advisory/971492.mspx "
Our server has the default settings from Visix and we've updated Windows XP reguarly with critical updates, including Service Pack 3. Is Visix aware of this potential vulnerabilty and do they have a recommended fix? We suspect some settings relating to WebDAV or annonymous user access need to be modified, but don't want to make any big changes without knowing for sure.