CVE-1999-0667

ARP Protocol - Denial of Service via ARP Cache Poisoning

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0667. PoCs published by amaloteaux, including Metasploit module auxiliary/spoof/arp/arp_poisoning.

AI-analyzed exploit summary This Metasploit module performs ARP spoofing to poison ARP caches, enabling IP address spoofing or denial of service. It sends crafted ARP replies to redirect traffic or disrupt network communication.

Description

The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address spoofing or a denial of service.

Exploits (1)

metasploit WORKING POC

by amaloteaux · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/spoof/arp/arp_poisoning.rb

View Code ZIP pw:eip

This Metasploit module performs ARP spoofing to poison ARP caches, enabling IP address spoofing or denial of service. It sends crafted ARP replies to redirect traffic or disrupt network communication.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Network devices (ARP protocol)

No auth needed

Prerequisites: Network access · Ability to send raw packets

MITRE ATT&CK

T1557 - Adversary-in-the-Middle

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Mailing List x_refsource_misc

https://marc.info/?l=bugtraq&m=87602880019797&w=2

Scores

EPSS 0.1375

EPSS Percentile 96.0%

Details

Status published

Products (1)

arp_protocol/arp_protocol

Published Sep 19, 1997

Tracked Since Feb 18, 2026