CVE-1999-1554

Properties

Published:
30.10.1990
Updated:
20.10.2005
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:L/AC:L/Au:NR/C:C/I:N/A:N/B:N) Approximated
    Product:
    SGI: IRIX
    SGI: IRIX

    Vulnerability description

    /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.

    References:

    CERT: http://www.cert.org/advisories/CA-1990-08.html
    Security Focus: http://www.securityfocus.com/bid/13
    XF: http://www.iss.net/security_center/static/3164.php