In association with heise online

04 July 2008, 17:38

Several bugs fixed in the Wireshark and TShark network tools

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The new version 1.0.1 of the Wireshark network analysis tool and its command line variant TShark, remedy a number of security problems. Bugs in previous versions in the analysis modules for GSM messages, PANA, KISMET, and RTMPT packets as well as syslog messages, made it possible for attackers to crash the program. According to the developer advisory, the RMI module would even reveal some contents of the RAM to attackers.

The advisory states that the vulnerabilities are also present in Ethereal. Up to version 0.99, Ethereal was the original name of the Wireshark project. For users that cannot update to the newest version, the developers recommend deactivating the affected module.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit