Wireshark 1.4.3 released

Wireshark is a popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.

Wireshark 1.4.3 fixes the following vulnerabilities:

FRAsse discovered that the MAC-LTE dissector could overflow a buffer. Versions affected: 1.2.0 to 1.2.13 and 1.4.0 to 1.4.2.

FRAsse discovered that the ENTTEC dissector could overflow a buffer. Versions affected: 1.2.0 to 1.2.13 and 1.4.0 to 1.4.2. CVE-2010-4538

The ASN.1 BER dissector could assert and make Wireshark exit prematurely. Versions affected: 1.4.0 to 1.4.2.

It may be possible to make Wireshark crash by injecting a series of malformed packets onto the wire or by convincing someone to read a malformed packet trace file.




Share this