In association with heise online

14 October 2010, 10:37

Wireshark updates patch vulnerability

The Wireshark Project developers have released versions 1.2.12 and 1.4.1 of their open source, cross-platform network protocol analyser. According to the developers, the security updates address a vulnerability (CVE-2010-3445) that could cause the application to crash.

Reportedly, the vulnerability is triggered either by injecting a series of malformed packets, or by having a victim open a specially crafted packet trace file, leading to a stack overflow in the ASN.1 BER dissector. The developers note that, due to the nature of the issues, they do not advise trying to work around the problem by disabling dissectors. Apparently, all versions up to and including 1.2.11 and 1.4.0 are affected. The vulnerabilities were discovered by the Penetration Test Team of NCNIPC (China). Other changes in each of the updates include updated protocol support and various bug fixes ranging from user interface issues to problems in the packet list.

The developers also announced that the 1.0.x branch of Wireshark has reached its end-of-life (EOL). Users currently running Wireshark 1.0.x are encouraged to upgrade to the latest release.

Further information about the updates, including a full list of changes, can be found in the 1.2.12 and 1.4.1 release notes. Wireshark binaries for Windows and Mac OS X, as well as the source code, are available to download from the project's site and documentation is provided. Wireshark, formerly known as Ethereal, is licensed under version 2 of the GNU General Public Licence (GPLv2).
