1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
|
Wireshark 1.10.13 Release Notes
__________________________________________________________________
What is Wireshark?
Wireshark is the world's most popular network protocol analyzer. It is
used for troubleshooting, analysis, development and education.
__________________________________________________________________
What's New
Bug Fixes
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2015-07
The WCP dissector could crash. ([2]Bug 10844) [3]CVE-2015-2188
* [4]wnpa-sec-2015-08
The pcapng file parser could crash. ([5]Bug 10895) [6]CVE-2015-2189
* [7]wnpa-sec-2015-10
The TNEF dissector could go into an infinite loop. Discovered by
Vlad Tsyrklevich. ([8]Bug 11023) [9]CVE-2015-2190
The following bugs have been fixed:
* IPv6 AUTH mobility option parses Mobility SPI and Authentication
Data incorrectly. ([10]Bug 10626)
* DHCP Option 125 Suboption: (1) option-len always expects 1 but
specification allows for more. ([11]Bug 10784)
* Little-endian OS X Bluetooth PacketLogger files aren't handled.
([12]Bug 10861)
* X.509 certificate serial number incorrectly interpreted as negative
number. ([13]Bug 10862)
* H.248 "ServiceChangeReasonStr" messages are not shown in text
generated by tshark. ([14]Bug 10879)
* Clang ASAN : AddressSanitizer: global-buffer-overflow ANSI.
([15]Bug 10897)
* MEGACO wrong decoding on media port. ([16]Bug 10898)
* Wrong media format. ([17]Bug 10899)
* BSSGP Status PDU decoding fault (missing Mandatory element (0x04)
BVCI for proper packet). ([18]Bug 10903)
* Packets on OpenBSD loopback decoded as raw not null. ([19]Bug
10956)
* Display Filter Macro unable to edit. ([20]Bug 10957)
* IPv6 Local Mobility Anchor Address mobility option code is treated
incorrectly. ([21]Bug 10961)
* Juniper Packet Mirror dissector expects ipv6 flow label = 0.
([22]Bug 10976)
* Infinite loop DoS in TNEF dissector. ([23]Bug 11023)
New and Updated Features
There are no new features in this release.
New Protocol Support
There are no new protocols in this release.
Updated Protocol Support
ANSI IS-637-A, DHCP, GSM MAP, H.248, IPv6, Juniper Jmirror, and X.509AF
New and Updated Capture File Support
PacketLogger, and Pcapng
__________________________________________________________________
Getting Wireshark
Wireshark source code and installation packages are available from
[24]http://www.wireshark.org/download.html.
Vendor-supplied Packages
Most Linux and Unix vendors supply their own Wireshark packages. You
can usually install or upgrade Wireshark using the package management
system specific to that platform. A list of third-party packages can be
found on the [25]download page on the Wireshark web site.
__________________________________________________________________
File Locations
Wireshark and TShark look in several different locations for preference
files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations
vary from platform to platform. You can use About->Folders to find the
default locations on your system.
__________________________________________________________________
Known Problems
Dumpcap might not quit if Wireshark or TShark crashes. ([26]Bug 1419)
The BER dissector might infinitely loop. ([27]Bug 1516)
Capture filters aren't applied when capturing from named pipes.
([28]Bug 1814)
Filtering tshark captures with read filters (-R) no longer works.
([29]Bug 2234)
The 64-bit Windows installer does not support Kerberos decryption.
([30]Win64 development page)
Resolving ([31]Bug 9044) reopens ([32]Bug 3528) so that Wireshark no
longer automatically decodes gzip data when following a TCP stream.
Application crash when changing real-time option. ([33]Bug 4035)
Hex pane display issue after startup. ([34]Bug 4056)
Packet list rows are oversized. ([35]Bug 4357)
Summary pane selected frame highlighting not maintained. ([36]Bug 4445)
Wireshark and TShark will display incorrect delta times in some cases.
([37]Bug 4985)
__________________________________________________________________
Getting Help
Community support is available on [38]Wireshark's Q&A site and on the
wireshark-users mailing list. Subscription information and archives for
all of Wireshark's mailing lists can be found on [39]the web site.
Official Wireshark training and certification are available from
[40]Wireshark University.
__________________________________________________________________
Frequently Asked Questions
A complete FAQ is available on the [41]Wireshark web site.
__________________________________________________________________
Last updated 2015-03-04 09:06:46 PST
References
1. https://www.wireshark.org/security/wnpa-sec-2015-07.html
2. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844
3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2188
4. https://www.wireshark.org/security/wnpa-sec-2015-08.html
5. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10895
6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2189
7. https://www.wireshark.org/security/wnpa-sec-2015-10.html
8. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11023
9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2190
10. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10626
11. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10784
12. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10861
13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10862
14. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10879
15. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10897
16. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10898
17. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10899
18. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10903
19. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10956
20. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10957
21. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10961
22. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10976
23. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11023
24. http://www.wireshark.org/download.html
25. http://www.wireshark.org/download.html#thirdparty
26. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1419
27. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1516
28. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1814
29. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2234
30. https://wiki.wireshark.org/Development/Win64
31. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9044
32. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3528
33. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4035
34. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4056
35. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4357
36. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4445
37. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4985
38. http://ask.wireshark.org/
39. http://www.wireshark.org/lists/
40. http://www.wiresharktraining.com/
41. http://www.wireshark.org/faq.html
|
