Wireshark v1.2.6 released
Wireshark is the world’s most popular network protocol analyzer. It has a rich and powerful feature set and runs on most computing platforms including Windows, OS X, Linux, and UNIX. Network professionals, security experts, developers, and educators around the world use it regularly. It is freely available as open source, and is released under the GNU General Public License version 2.
Wireshark 1.2.6 (stable) has been released. Installers for Windows, Mac OS X 10.5.5 and above (Intel and PPC), and source code are now available. This release fixes a vulnerability in the LWRES dissector. See the advisory below for details.
Name: LWRES vulnerability in Wireshark® version 0.9.0 to 1.2.5
Docid: wnpa-sec-2010-02
Date: January 27, 2010
Versions affected: 0.9.0 up to and including 1.2.5
Details
Description
Wireshark 1.2.6 fixes the following vulnerabilities:
- Babi discovered several buffer overflows in the LWRES dissector.
Versions affected: 0.9.15 to 1.0.10, 1.2.0 to 1.2.5
Impact
It may be possible to make Wireshark crash remotely or by convincing someone to read a malformed packet trace file.
Resolution
Upgrade to Wireshark 1.2.6 or later.
If you are running Wireshark 1.2.5 or earlier (including Ethereal) and cannot upgrade, you can work around each of the problems listed above by doing the following:
- Disable the LWRES dissector:
  - Select Analyze→Enabled Protocols... from the menu.
  - Make sure "LWRES" is un-checked.
  - Click "Save", then click "OK".
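To confirm across several hosts that the workaround above is in place, the following added example (not part of the advisory or of Wireshark itself) checks a version string against the fixed release and looks for the LWRES entry in a saved disabled-protocols file. It assumes that "Save" records the protocol's filter name `lwres` on its own line in a `disabled_protos` file (for example `$HOME/.wireshark/disabled_protos` on UNIX); the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not part of the advisory.
# Assumption: un-checking a protocol and clicking "Save" records its
# filter name ("lwres") on its own line in a disabled_protos file.

# ver_key VERSION: print e.g. "1.2.5" as a comparable integer (1002005).
ver_key() (
    set -f; IFS=.
    set -- $1
    patch=${3:-0}; patch=${patch%%[!0-9]*}   # tolerate suffixes such as "5rc1"
    echo $(( ${1:-0} * 1000000 + ${2:-0} * 1000 + ${patch:-0} ))
)

# needs_workaround VERSION: true for 1.2.5 or earlier, as in the Resolution text.
needs_workaround() {
    [ "$(ver_key "$1")" -lt "$(ver_key 1.2.6)" ]
}

# lwres_disabled FILE: true if FILE lists lwres, ignoring comments and whitespace.
lwres_disabled() {
    [ -r "$1" ] && sed -e 's/#.*//' -e 's/[[:space:]]//g' "$1" | grep -qx 'lwres'
}

# audit VERSION FILE: report the host state; returns 1 only when exposed.
audit() {
    if ! needs_workaround "$1"; then
        echo "ok: $1 already contains the LWRES fix"
        return 0
    fi
    if lwres_disabled "$2"; then
        echo "mitigated: $1 is affected, LWRES dissector is disabled in $2"
        return 0
    fi
    echo "EXPOSED: $1 is affected and LWRES is not disabled in $2"
    return 1
}

# Constructed sample: a disabled_protos file as it might look after the workaround.
sample=$(mktemp)
printf '# constructed sample\nlwres\n' > "$sample"
audit 1.2.5 "$sample"
rm -f "$sample"
```

The disabled-protocols setting only protects the profile whose file was saved, so run the check against each user's file on hosts that cannot be upgraded.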