Wireshark Closes Security Holes

Friday, January 13, 2012 @ 02:01 PM gHale


Versions 1.4.11 and 1.6.5 of the open source Wireshark network protocol analyzer fixes bugs and closes holes found in the previous builds.

The maintenance and security updates to the cross-platform tool fix several vulnerabilities that an attacker could exploit to cause a denial-of-service (DoS) or compromise a victim’s system.

RELATED STORIES
OAS HMI Holes Fixed
Snort to Boost SCADA Security
Siemens Default Password Issues
7-Technologies Vulnerability Part II

The vulnerabilities include a NULL pointer deference error when displaying packet information, issues in the file parser that cause Wireshark to fail to properly check record sizes for a number of packet capture formats, and an RLC dissector buffer overflow bug.

Versions 1.4.0 to 1.4.10 and 1.6.0 to 1.6.4 suffer from the vulnerabilities; upgrading to the new releases fixes these issues.

More details about the updates, including a full list of bug fixes, are in the 1.4.11 and 1.6.5 release notes.

Wireshark 1.4.11 and 1.6.5 are available to download from the project’s site for Windows, Mac OS X and Linux. Source code for Wireshark is under the GPLv2.



Leave a Reply

You must be logged in to post a comment.