Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0517 โ€” HP Hp-ux vulnerability

12 documents6 sources
Severity
7.5HIGHNVD
EPSS
92.4%
top 0.27%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
HP Hp-uxSUN Sunos
Timeline
PublishedJan 1
Latest updateJan 30

Description

An SNMP community name is the default (e.g. public), null, or missing.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

โ–ถNVDhp/hp-ux10, 11.00+1
โ–ถNVDsun/sunos5.0

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-wvmj-jgmg-4ghq: An SNMP community name is the default (eโ†—2022-04-30
โ–ถ
CVEList
CVE-1999-0517: An SNMP community name is the default (eโ†—2000-02-04
โ–ถ

๐Ÿ’ฅExploits & PoCs

2
Metasploit
SNMP Enumeration Moduleโ†—
โ–ถ
Metasploit
SNMP Community Login Scannerโ†—
โ–ถ

๐Ÿ”Detection Rules

6
Suricata
ET SNMP missing community string attempt 1โ†—2013-01-09
โ–ถ
Suricata
ET SNMP missing community string attempt 2โ†—2013-01-09
โ–ถ
Suricata
ET SNMP missing community string attempt 4โ†—2013-01-09
โ–ถ
Suricata
GPL SNMP public access udpโ†—2010-09-23
โ–ถ
Suricata
GPL SNMP null community string attemptโ†—2010-09-23
โ–ถ

๐Ÿ“„Research Papers

1
arXiv
Walking Under the Ladder Logic: PLC-VBS, a PLC Control Logic Vulnerability Discovery Toolโ†—2023-01-30
โ–ถ
CVE-1999-0517 โ€” HP Hp-ux vulnerability | cvebase