Vulnerability Description
/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.
CVSS Score
2.1
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sgi | Irix | 3.3 |
References
- http://www.cert.org/advisories/CA-1990-08.htmlPatchThird Party AdvisoryUS Government Resource
- http://www.iss.net/security_center/static/3164.php
- http://www.securityfocus.com/bid/13PatchVendor Advisory
- http://www.cert.org/advisories/CA-1990-08.htmlPatchThird Party AdvisoryUS Government Resource
- http://www.iss.net/security_center/static/3164.php
- http://www.securityfocus.com/bid/13PatchVendor Advisory
FAQ
What is CVE-1999-1554?
CVE-1999-1554 is a vulnerability with a CVSS score of 2.1 (LOW). /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.
How severe is CVE-1999-1554?
CVE-1999-1554 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-1554?
Check the references section above for vendor advisories and patch information. Affected products include: Sgi Irix.