CVE-1999-0517

MEDIUM

HP-UX - Unauthenticated SNMP Community Name Exposure

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-1999-0517. PoCs published by ialejandrozalles, including Metasploit module auxiliary/scanner/snmp/snmp_enum.

AI-analyzed exploit summary The repository contains only a README.md file with a title and no functional exploit code, technical details, or analysis. It appears to be a placeholder or incomplete project.

Description

An SNMP community name is the default (e.g. public), null, or missing.

Exploits (2)

nomisec STUB

by ialejandrozalles · poc

https://github.com/ialejandrozalles/InvestigacionAplicacionCVE-1999-0517

View Code ZIP pw:eip

The repository contains only a README.md file with a title and no functional exploit code, technical details, or analysis. It appears to be a placeholder or incomplete project.

Classification

Stub 100%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: unknown

No auth needed

devstral-2 · analyzed Feb 18, 2026 Full analysis →

metasploit SCANNER

rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/snmp/snmp_enum.rb

View Code ZIP pw:eip

This Metasploit module performs SNMP enumeration by querying various OIDs to gather system information such as hostname, network interfaces, processes, and storage details. It does not exploit a vulnerability but scans for exposed SNMP data using default community strings like 'public'.

Classification

Scanner 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: SNMP-enabled devices (various vendors)

No auth needed

Prerequisites: SNMP service accessible with known community string (e.g., 'public')

MITRE ATT&CK

T1005 - Data from Local System T1552 - Unsecured Credentials

devstral-2 · analyzed May 26, 2026 Full analysis →

References (3)

Core 3

Core References

Various Sources

https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-244

Various Sources

https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-244/

Third Party Advisory, VDB Entry x_refsource_misc

https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0517

Scores

CVSS v3 5.9

EPSS 0.8959

EPSS Percentile 99.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-200

Status published

Products (3)

hp/hp-ux 10

hp/hp-ux 11.00

sun/sunos 5.0

Published Jan 01, 1997

Tracked Since Feb 18, 2026