CVE-1999-1554

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions SGI IRIX versions 3.3 through 3.3.1

Description The issue arises from the /usr/sbin/Mail program on SGI IRIX, which fails to properly set the group ID to the group ID of the user who started Mail. This allows local users to read the mail of other users.

Recommendations For SGI IRIX versions 3.3 through 3.3.1, consider restricting access to the /usr/sbin/Mail program until a proper fix is applied to ensure the group ID is set correctly for the user who started Mail.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1554

Affected Products

Irix

CVE-1999-1554

Related Identifiers

Affected Products

References · 5