In association with heise online

02 March 2011, 16:19

Wireshark updates close critical vulnerabilities

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Wireshark Logo The Wireshark developers have announced the release of version 1.2.15 and 1.4.4 of their open source, cross-platform network protocol analyser; maintenance updates address two highly critical security vulnerabilities that could cause the application to crash.

The first issue (CVE-2011-0538), discovered by Huzaifa Sidhpurwala of the Red Hat Security Response Team, could lead to memory corruption when reading a .pcap file in the pcap-ng format – this could be used by a remote attacker, for example, to effect a denial-of-service (DoS) attack. The other (CVE-2011-0713) is a bug that could lead to a heap-based buffer overflow when reading a specially crafted Nokia DCT3 trace file, possibly leading to the execution of arbitrary code. Further changes include fixes for 32-bit systems when reading a malformed 6LoWPAN packet and updates to various dissectors. All users are advised to update to the latest versions as soon as possible.

More details about the maintenance updates, including a full list of changes, can be found in the 1.2.15 and 1.4.4 release notes. Wireshark binaries for Windows and Mac OS X, as well as the source code, are available to download and documentation is provided. Wireshark, formerly known as Ethereal, is licensed under version 2 of the GNU General Public Licence (GPLv2).

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit