FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

tailscale -- security vulnerability in Tailscale SSH

Affected packages
tailscale < 1.38.2

Details

VuXML ID 1b15a554-c981-11ed-bb39-901b0e9408dc
Discovery 2023-03-22
Entry 2023-03-23

Tailscale team reports:

A vulnerability identified in the implementation of Tailscale SSH in FreeBSD allowed commands to be run with a higher privilege group ID than that specified by Tailscale SSH access rules.

[source]

References

CVE Name CVE-2023-28436
URL https://tailscale.com/security-bulletins/#ts-2023-003

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.