The Wireshark foundation on Tuesday has released the latest stable releases of its open source,
cross-platform network protocol analyzer. The developers have released versions 1.4.10 and 1.6.3 of Wireshark which contains maintenance and security updates, along with fixes for three security vulnerabilities and multiple program bugs in the previous releases. Several of these vulnerabilities may be used by attackers to perform a denial of service (DoS) attack as reported by Secunia, which rates them as highly critical.
The fix addresses flaws linked to the ERF file parser, which could be exploited to cause a buffer overflow. Problems have also been reported with a NULL pointer deference related error in the Infiniband dissector. This issue affects versions 1.4.0 through 1.4.9 and versions 1.6.0 through 1.6.3. Wireshark 1.6.3 also addresses issues that could be used to crash the application, linked to the CSN.1 dissector.
The updates fix several other program bugs. No new feature or protocol support has been added in this update. Existing protocol support has been updated for Ethernet, ICMPv6, IEEE 802.11, IEEE 802.1q, IPsec, MySQL and SSL, to name a few. Capture file support has also been updated in this release. A full list of changes is available in the release notes (v1.4.10 and v1.6.3).