This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.
The remote host is affected by an information disclosure
The remote Windows host is affected by an information disclosure
vulnerability in the Microsoft Web Distributed Authoring and
Versioning (WebDAV) client due to explicitly allowing the use of
Secure Socket Layer (SSL) 2.0. A remote attacker can exploit this to
force an encrypted SSL 2.0 session with a WebDAV server that has SSL
2.0 enabled, and use a man-in-the-middle attack to decrypt portions of
the encrypted traffic, resulting in the disclosure of sensitive
See also :
Microsoft has released a set of patches for Windows Vista, 2008, 7,
2008 R2, 8, RT, 2012, 8.1, RT 8.1, and 2012 R2.
Risk factor :
Medium / CVSS Base Score : 6.4
CVSS Temporal Score : 5.3
Public Exploit Available : true