The Wireshark foundation on Tuesday has released the latest stable releases of its open source,
Requires Membership to View
To gain access to this and all member only content, please provide the following information:
By submitting your registration information to searchSecurity.in you agree to receive email communications from the TechTarget network of sites, and/or third party content providers that have relationships with TechTarget, based on your topic interests and activity, including updates on new content, event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile, unsubscribing via email or by contacting us here
- Your use of searchSecurity.in is governed by our Terms of Use
- We designed our Privacy Policy to provide you with important disclosures about how we collect and use your registration and other information. We encourage you to read the Privacy Policy, and to use it to help make informed decisions.
- If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States.
cross-platform network protocol analyzer. The developers have released versions 1.4.10 and 1.6.3 of Wireshark which contains maintenance and security updates, along with fixes for three security vulnerabilities and multiple program bugs in the previous releases. Several of these vulnerabilities may be used by attackers to perform a denial of service (DoS) attack as reported by Secunia, which rates them as highly critical.
The fix addresses flaws linked to the ERF file parser, which could be exploited to cause a buffer overflow. Problems have also been reported with a NULL pointer deference related error in the Infiniband dissector. This issue affects versions 1.4.0 through 1.4.9 and versions 1.6.0 through 1.6.3. Wireshark 1.6.3 also addresses issues that could be used to crash the application, linked to the CSN.1 dissector.
The updates fix several other program bugs. No new feature or protocol support has been added in this update. Existing protocol support has been updated for Ethernet, ICMPv6, IEEE 802.11, IEEE 802.1q, IPsec, MySQL and SSL, to name a few. Capture file support has also been updated in this release. A full list of changes is available in the release notes (v1.4.10 and v1.6.3).