CVE-2023-28436 Non-interactive Tailscale SSH sessions on FreeBSD may use the effective group ID of the tailscaled process

Tailscale is software for using Wireguard and multi-factor authentication MFA. A vulnerability identified in the implementation of Tailscale SSH starting in version 1.34.0 and prior to prior to 1.38.2 in FreeBSD allows commands to be run with a higher privilege group ID than that specified in...

Tailscale 安全漏洞

Tailscale is an open source WireGuard based application from Tailscale. Can provide a secure private network for any size team . A security vulnerability exists in Tailscale versions prior to 1.38.2 that stems from allowing commands to be run using a privilege group ID higher than the privilege...

who.txt

Date: Tue, 28 Jul 1998 20:27:21 +0200 From: Paul Boehm Subject: who Hi, the 'who' program is on some systems in a privileged group which is allowed to read utmp. On redhat linux 5.1 you can easily crash who by many different ways e.g. try who /bin/bash on freebsd you can use it to view parts of t...