CVE-1999-0097

HP-UX - Remote Command Execution via FTP Client Shell Metacharacter Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0097. PoCs published by HORKimhab.

AI-analyzed exploit summary The repository contains a placeholder markdown file for CVE-1999-0097, describing an FTP client command execution vulnerability in AIX via shell metacharacters. However, no functional exploit code or technical details are provided.

Description

The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).

Exploits (1)

github STUB
by HORKimhab · shellpoc
https://github.com/HORKimhab/poc-cve-collection/tree/main/1999/0xxx/CVE-1999-0097.md

The repository contains a placeholder markdown file for CVE-1999-0097, describing an FTP client command execution vulnerability in AIX via shell metacharacters. However, no functional exploit code or technical details are provided.

Classification
Stub 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target: AIX FTP client (unspecified version)
No auth needed
Prerequisites: Victim must connect to a malicious FTP server using the vulnerable AIX FTP client
mistral-large-3 · analyzed Jul 14, 2026 Full analysis →

References (1)

Core 1
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0097

Scores

EPSS 0.0404
EPSS Percentile 89.5%

Details

Status published
Products (39)
hp/hp-ux 9.00
hp/hp-ux 9.01
hp/hp-ux 9.03
hp/hp-ux 9.04
hp/hp-ux 9.05
hp/hp-ux 9.06
hp/hp-ux 9.07
hp/hp-ux 9.08
hp/hp-ux 9.09
hp/hp-ux 9.10
... and 29 more
Published Oct 29, 1997
Tracked Since Feb 18, 2026