Wireshark updates add WPA support, closes holes
Version 1.0.3 of the network analysis tool Wireshark is available to download. The release notes list 18 bugfixes, including three classed as security-relevant.
Among other things, in previous versions, the analysis plugin for the NCP dissector suffered from a buffer overflow and the application could crash while uncompressing zlib-compressed packet data. As there are no workarounds for these problems, the developers strongly recommend upgrading to the latest version.
On 802.11 wireless networks, Wireshark now decodes WPA and WPA2 group keys correctly, but other than this, there are no new features.
Installable versions and source code can be downloaded for Windows and Mac OS X Intel, plus PortableApps and U3 packages which run directly from a USB stick without installation. Linux users will either have to compile it from source for themselves or wait for updates from their distributions.
Wireshark used to be known as "Ethereal", but that name was owned by Network Integration Services, former employers of the program's primary author Gerald Combs. When he changed jobs, he had to rename the program; the original version is no longer maintained.
(lghp)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
