Wireshark updates fix vulnerabilties
The Wireshark developers have released versions 1.4.10 and 1.6.3 of the open source, cross-platform network protocol analyser. The maintenance and security updates close multiple vulnerabilities. Some of these are rated as highly critical by Secunia, and could be exploited by an attacker to cause a denial-of-service (DoS) or compromise a victim's system.
The updates address problems related to the ERF file parser that could lead to a buffer overflow and a NULL pointer dereference error in the Infiniband dissector. Versions 1.4.0 to 1.4.9 and 1.6.0 to 1.6.2 are affected. Wireshark 1.6.3 addresses a problem in the CSN.1 dissector that could be used to crash the application. The new versions also address a number of other bugs found in previous builds.
Further information about the updates, including a full list of changes, can be found in the 1.4.10 and the 1.6.3 release notes, and in the security advisories. Wireshark 1.4.10 and 1.6.3 are available to download for Windows and Mac OS X. Wireshark source code is licensed under the GPLv2.
- Wireshark CSN.1 dissector vulnerability, a Wireshark security advisory.
- Wireshark Infiniband dissector vulnerability, a Wireshark security advisory.
- Wireshark ERF file parser vulnerability, a Wireshark security advisory.