In association with heise online

11 January 2012, 14:51

Wireshark 1.4.x and 1.6.x updates close security holes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Wireshark logo Versions 1.4.11 and 1.6.5 of the open source Wireshark network protocol analyser have been released, fixing bugs and closing holes found in the previous builds. The maintenance and security updates to the cross-platform tool fix several vulnerabilities that could be exploited by an attacker to cause a denial-of-service (DoS) or compromise a victim's system.

The vulnerabilities include a NULL pointer deference error when displaying packet information, issues in the file parser that cause Wireshark to fail to properly check record sizes for a number of packet capture formats, and an RLC dissector buffer overflow bug. Versions 1.4.0 to 1.4.10 and 1.6.0 to 1.6.4 are affected; upgrading to the new releases fixes these issues.

More details about the updates, including a full list of bug fixes, can be found in the 1.4.11 and 1.6.5 release notes. Wireshark 1.4.11 and 1.6.5 are available to download from the project's site for Windows, Mac OS X and Linux. Source code for Wireshark is licensed under the GPLv2.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-1407576
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit