New Wireshark version eliminates three vulnerabilities
The developers of the free Wireshark network analysis tool, formerly known as Ethereal, have published version 0.99.8, which they say eliminates three vulnerabilities. The errors are located in protocol handlers: Wireshark can crash or, in rare cases, malicious code can be injected. There are only three denial-of-service vulnerabilities, but they are in the modules supporting the very commonly used SNMP and TFTP protocols, as well as the quite rare SCTP, an alternative transport layer protocol to TCP.
The crash occurs when certain unspecified packets are analysed. According to the vulnerability report, the TFTP problem only arises under Ubuntu 7.10. The developers recommend that users who cannot upgrade to the current version disable the SCTP, SNMP and TFTP dissectors.
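One way to apply and audit that workaround from a script, as an added example that is not from the Wireshark project or the original article. It assumes Wireshark's per-user `disabled_protos` file (one protocol filter name per line, `#` for comments) and takes the profile directory as an argument, since its location varies by platform and version; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: idempotently list dissectors in a Wireshark disabled_protos file.
# Assumption: one protocol filter name per line; lines starting with '#' are comments.

# is_disabled FILE NAME -> exit 0 if NAME is already listed as a whole line
is_disabled() {
    [ -f "$1" ] && grep -qxF -- "$2" "$1"
}

# disable_dissectors CONFIG_DIR NAME... -> append every NAME not yet listed
disable_dissectors() {
    dir=$1; shift
    file="$dir/disabled_protos"
    mkdir -p "$dir" || return 1
    [ -f "$file" ] || : > "$file" || return 1
    # If the file does not end in a newline, add one so entries do not merge.
    if [ -s "$file" ] && [ -n "$(tail -c 1 "$file")" ]; then
        printf '\n' >> "$file"
    fi
    for proto in "$@"; do
        is_disabled "$file" "$proto" || printf '%s\n' "$proto" >> "$file"
    done
}

# missing_dissectors CONFIG_DIR NAME... -> print the names that are still enabled
missing_dissectors() {
    dir=$1; shift
    for proto in "$@"; do
        is_disabled "$dir/disabled_protos" "$proto" || printf '%s\n' "$proto"
    done
}

# Demo on a constructed, throwaway directory (not a real Wireshark profile).
demo_dir=$(mktemp -d)
printf '# constructed sample\nsnmp\n' > "$demo_dir/disabled_protos"
echo "enabled before: $(missing_dissectors "$demo_dir" sctp snmp tftp | tr '\n' ' ')"
disable_dissectors "$demo_dir" sctp snmp tftp
echo "enabled after:  $(missing_dissectors "$demo_dir" sctp snmp tftp | tr '\n' ' ')"
rm -rf "$demo_dir"
```

The same setting is reachable in the GUI under Analyze > Enabled Protocols; `missing_dissectors` is useful as a fleet check that the workaround is actually in place on hosts that cannot yet be upgraded.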
- Multiple problems in Wireshark (formerly Ethereal) versions 0.6.0 to 0.99.7, vulnerability report by wireshark.org