Wireshark 1.2.1 fixes security vulnerabilities
The Wireshark developers have announced the release of version 1.2.1 of Wireshark, the popular open source, cross-platform network protocol analyser. In addition to over 30 bug fixes, the security update addresses seven vulnerabilities that could crash the application remotely or lead to a buffer overflow. The denial-of-service (DoS) vulnerabilities affect the IPMI, AFS, Infiniband, Bluetooth L2CAP, RADIUS, MIOP and sFlow dissectors. Versions from 0.9.2 up to and including 1.2.0 of Wireshark are affected and all users are advised to update.
The release includes new capture file support for Btsnoop, DCT3, Packetlogger and pcap-ng. Protocol support for AFS, ANSI ISUP, ANSI MAP, ASN.1 PER, Bluetooth HCI H4, Bluetooth L2CAP, BSS CFLOW, COPS, Diameter, DICOM, FF-HSE, ICMPv6, IEC-60870-5-104, IEEE 802.11, Infiniband, IPMI, MIOP, RADIUS, RSVP, sFlow, SNMP, SMB2 and ZIOP has also been updated.
More details about the release can be found in the release notes. Wireshark 1.2.1 is available to download for Windows, Mac OS X and Linux. Wireshark, previously called Ethereal, is released under the GNU General Public License version 2 (GPLv2).
See also:
- Multiple vulnerabilities in Wireshark® version 0.9.2 to 1.2.0, security advisory from Wireshark.
(crve)