Wireshark 1.2.2 fixes vulnerabilities

Wireshark is a popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.

The following vulnerabilities have been fixed:

  • The GSM A RR dissector could crash. Versions affected: 1.2.0 to 1.2.1
  • The OpcUa dissector could use excessive CPU and memory. Versions affected: 0.99.6 to 1.0.8, 1.2.0 to 1.2.1
  • The TLS dissector could crash on some platforms. Versions affected: 1.2.0 to 1.2.1.

The following bugs have been fixed:

  • The “Capture->Interfaces” window can’t be closed.
  • tshark-1.0.2 (dumpcap) signal abort core saved.
  • Memory leak fixes.
  • Display filter autocompletion doesn’t work for some RADIUS and WiMAX ASNCP fields.
  • Wireshark Portable includes wrong WinPcap installer.
  • Crash when loading a profile.
  • The proto,colinfo tap doesn’t work if the INFO column isn’t being printed.
  • Flow Graph adds too much unnecessary garbage.
  • The EAP Diameter dictionary file was missing in the distribution.
  • Graph analysis window is behind other window.
  • IKEv2 Cert Request payload dissection error.
  • DNS NAPTR RR (RFC 3403) replacement MUST be a fully qualified domain-name.
  • Malformed RTCP Packet error while sending Payload specific RTCP feedback packet( as per RFC 4585).
  • 802.11n Block Ack packet Bitmap field missing.
  • Wireshark doesn’t decode WBXML/ActiveSync information correctly.
  • Malformed packet when IPv6 packet has Next Header == 59.
  • Wireshark could crash while reading an ERF file.
  • Minor errors in gsm rr dissectors.
  • WPA Decryption Issues.
  • GSM A RR sys info dissection problem.
  • GSM A RR inverts MEAS-VALID values.
  • PDML output leaks ~300 bytes / packet.
  • Incorrect station identifier parsing in Kingfisher dissector.
  • DHCPv6, Vendor-Specific Informantion, SubOption”Option Request” parser incorrect.
  • Wireshark could leak memory while analyzing SSL.
  • Wireshark could crash while updating menu items after reading a file in some cases.
  • The Mac OS X ChmodBPF script now works correctly under Snow Leopard.



Share this