Wireshark 1.6.2 fixes vulnerabilities

Wireshark is a popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.

The following vulnerabilities have been fixed:

  • A large loop in the OpenSafety dissector could cause a crash.
  • A malformed IKE packet could consume excessive resources.
  • A malformed capture file could result in an invalid root tvbuff and cause a crash.
  • Wireshark could run arbitrary Lua scripts.
  • The CSN.1 dissector could crash.

The following bugs have been fixed:

  • configure ignores (partially) LDFLAGS.
  • Build fails when it tries to #include , not present in Solaris 9.
  • Unable to configure zero length SNMP Engine ID.
  • BACnet who-is request device range values are not decoded correctly in the packet details window.
  • H.323 RAS packets missing from packet counts in “Telephony->VoIP Calls” and the “Flow Graph” for the call.
  • Wireshark crashes if sercosiii module isn’t installed.
  • Editcap could create invalid pcap files when converting from JPEG.
  • Timestamp is incorrectly decoded for ICMP Timestamp Response packets from MS Windows.
  • Malformed Packet in decode for BGP-AD update.
  • Wrong display of CSN_BIT in CSN.1.
  • Fix CSN_RECURSIVE_TARRAY last bit error in packet-csn1.c.
  • Wireshark cannot display Reachable time & Retrans timer in IPv6 RA messages.
  • ReadPropertyMultiple-ACK not correctly dissected.
  • GTPv2 dissectors should treat gtpv2_ccrsi as optional.
  • BGP : AS_PATH attribute was decode wrong.
  • Fixes for SCPS TCP option.
  • Offset calculated incorrectly for sFlow extended data.
  • [Enter] key behavior varies when manually typing display filters.
  • Contents of pcapng EnhancedPacketBlocks with comments aren’t displayed.
  • Misdecoding 3G Neighbour Cell Information Element in SI2quater message due to a coding typo.
  • Mis-spelled word “unknown” in assorted files.
  • tshark run with -Tpdml makes a seg fault.
  • btl2cap extended window shows wrong bit.
  • NDMP dissector incorrectly represents “ndmp.bytes_left_to_read” as signed.
  • TShark/dumpcap skips capture duration flag occasionally.
  • File types with no snaplen written out with a zero snaplen in pcap-ng files.
  • Wireshark improperly parsing 802.11 Beacon Country Information tag.
  • ERF records with extension headers not written out correctly to pcap or pcap-ng files.
  • RTPS2: MAX_BITMAP_SIZE is defined incorrectly.
  • Copying from RTP stream analysis copies 1st line many times.
  • Wrong display of CSN_BIT under CSN_UNION.
  • MEGACO context tracking fix – context id reuse.

Don't miss