Wireshark updates close security holes
Versions 1.4.9 and 1.6.2 of Wireshark have been released. According to the developers, the maintenance and security updates address a number of vulnerabilities – some of which are rated as 'highly critical' by Secunia – in the open source, cross-platform network protocol analyser. The vulnerabilities could be exploited by an attacker to, for example, cause a denial-of-service (DoS) or compromise a victim's system.
According to the security advisories, the issues include problems related to malformed IKE packets that could consume excessive resources resulting in a crash, and a bug that could lead Wireshark to run malicious Lua scripts causing the application to execute arbitrary code. Versions 1.4.0 to 1.4.8 and 1.6.0 and 1.6.1 are affected.
Other issues in the 1.6.x branch include crashing bugs in the CSN.1 dissector, the OpenSafety dissector and in the way capture files are handled. In addition to the bug fixes, protocol support has been updated. No new features have been added.
More details about the updates, including a full list of bug fixes and known problems, can be found in the 1.4.9 and 1.6.2 release notes. Wireshark binaries for Windows and Mac OS X, as well as the source code, are available to download from the project's site. Wireshark is licensed under the GPLv2.
- Wireshark OpenSafety dissector vulnerability, a Wireshark security advisory.
- Wireshark IKE dissector vulnerability, a Wireshark security advisory.
- Wireshark buffer exception handling vulnerability, a Wireshark security advisory.
- Wireshark Lua script execution vulnerability, a Wireshark security advisory.
- Wireshark CSN.1 dissector vulnerability, a Wireshark security advisory.