CVE-1999-1554

📅 14 April 2026 at 18:00 UTC📰 NVDView original source ↗

/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

A local vulnerability in the /usr/sbin/Mail daemon on SGI Irix 3.3 and 3.3.1 systems allows unauthorized users to read mail of other users due to improper group ID setting, posing a low-risk but still significant threat.

⚙️Technical Details

CVEs

CVE-1999-1554

Affected Systems

SGI Irix 3.3SGI Irix 3.3.1

Attack Vectors

LOCAL

💥Impact Assessment

Severity: L

🛡️Recommended Actions

1Implement a restrictive group ID policy to limit user privileges.

2Regularly update and patch affected systems with the latest security patches.

3Monitor system logs for suspicious mail access attempts.

📦Affected Products

Sgi IrixSGI Irix

🔐NVD Verified DataVERIFIED

CVE-1999-1554 ↗CVSS 2.1 — LOW

Attack Vector

LOCAL

Complexity

LOW

Vector String

AV:L/AC:L/Au:N/C:P/I:N/A:N

Affected Products (CPE)

Sgi Irix

Patches & References

🔧 http://www.cert.org/advisories/CA-1990-08.html 🔧 http://www.securityfocus.com/bid/13 🔧 http://www.cert.org/advisories/CA-1990-08.html 📋 http://www.securityfocus.com/bid/13 📋 http://www.securityfocus.com/bid/13

Read the full article

This is a curated summary. The complete article is available at NVD.

Read on NVD ↗

← Back to feed