Wireshark 1.6.2 fixes vulnerabilities
Wireshark is a popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.
The following vulnerabilities have been fixed:
- A large loop in the OpenSafety dissector could cause a crash.
- A malformed IKE packet could consume excessive resources.
- A malformed capture file could result in an invalid root tvbuff and cause a crash.
- Wireshark could run arbitrary Lua scripts.
- The CSN.1 dissector could crash.
The following bugs have been fixed:
- configure ignores (partially) LDFLAGS.
- Build fails when it tries to #include
, not present in Solaris 9. - Unable to configure zero length SNMP Engine ID.
- BACnet who-is request device range values are not decoded correctly in the packet details window.
- H.323 RAS packets missing from packet counts in “Telephony->VoIP Calls” and the “Flow Graph” for the call.
- Wireshark crashes if sercosiii module isn’t installed.
- Editcap could create invalid pcap files when converting from JPEG.
- Timestamp is incorrectly decoded for ICMP Timestamp Response packets from MS Windows.
- Malformed Packet in decode for BGP-AD update.
- Wrong display of CSN_BIT in CSN.1.
- Fix CSN_RECURSIVE_TARRAY last bit error in packet-csn1.c.
- Wireshark cannot display Reachable time & Retrans timer in IPv6 RA messages.
- ReadPropertyMultiple-ACK not correctly dissected.
- GTPv2 dissectors should treat gtpv2_ccrsi as optional.
- BGP : AS_PATH attribute was decode wrong.
- Fixes for SCPS TCP option.
- Offset calculated incorrectly for sFlow extended data.
- [Enter] key behavior varies when manually typing display filters.
- Contents of pcapng EnhancedPacketBlocks with comments aren’t displayed.
- Misdecoding 3G Neighbour Cell Information Element in SI2quater message due to a coding typo.
- Mis-spelled word “unknown” in assorted files.
- tshark run with -Tpdml makes a seg fault.
- btl2cap extended window shows wrong bit.
- NDMP dissector incorrectly represents “ndmp.bytes_left_to_read” as signed.
- TShark/dumpcap skips capture duration flag occasionally.
- File types with no snaplen written out with a zero snaplen in pcap-ng files.
- Wireshark improperly parsing 802.11 Beacon Country Information tag.
- ERF records with extension headers not written out correctly to pcap or pcap-ng files.
- RTPS2: MAX_BITMAP_SIZE is defined incorrectly.
- Copying from RTP stream analysis copies 1st line many times.
- Wrong display of CSN_BIT under CSN_UNION.
- MEGACO context tracking fix – context id reuse.