CVE Catalog
CVE-1999-1554
LowExploitation Probability (EPSS)
Low risk0.42%
34th percentile — higher than 34% of all known CVEs
Summary
The Mail service on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, allowing local users to read the mail of other users.
Risk Assessment
This vulnerability poses a privacy risk as local users can access confidential information of other users.
Recommendation
It is recommended to update the system to the latest version that fixes group ID management in the Mail service.
Original NVD description (English source)
/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.

