Wireshark 1.4.7 released

Wireshark is a popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.

The following vulnerabilities have been fixed:

Large/infinite loop in the DICOM dissector. Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.

Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Diameter dictionary file could crash Wireshark. Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.

Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted snoop file could crash Wireshark. Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.

David Maciejak of Fortinet’s FortiGuard Labs discovered that malformed compressed capture data could crash Wireshark. Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.

Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Visual Networks file could crash Wireshark. Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.

The following bugs have been fixed:

  • AIM dissector has some endian issues.
  • Telephony→MTP3→MSUS doesn’t display window.
  • Support for MS NetMon 3.x traces containing raw IPv6 (“Type 7”) packets.
  • Service Indicator in M3UA protocol data.
  • IEC60870-5-104 protocol, incorrect decoding of timestamp type CP56Time2a.
  • DNP3 dissector incorrect constants AL_OBJ_FCTR_16NF _FDCTR_32NF _FDCTR_16NF.
  • 3GPP QoS: Traffic class is not decoded properly.
  • Wireshark crashes when creating ProtoField.framenum in Lua.
  • Fix a wrong mask to extract FMID from DECT packets dissector.
  • Incorrect DHCPv6 remote identifier option parsing.
