Wireshark 0.99.5 released
Gerald Combs, the creator of Ethereal®, has initiated the Wireshark network protocol analyzer project, a successor to Ethereal®. The Ethereal® core developer team has moved with Gerald to the Wireshark project
What’s New
Bug Fixes
The following vulnerabilities have been fixed. See the security advisory for details and a workaround.
- The TCP dissector could hang or crash while reassembling HTTP packets. (Bug 1200) Versions affected: 0.99.2 to 0.99.4
CVE-2007-0459
- The HTTP dissector could crash.
Versions affected: 0.99.3 to 0.99.4
CVE-2007-0458
- On some systems, the IEEE 802.11 dissector could crash.
Versions affected: 0.10.14 to 0.99.4
CVE-2007-0457
- On some systems, the LLT dissector could crash.
Versions affected: 0.99.3 to 0.99.4
CVE-2007-0456
The following bugs have been fixed:
- On Windows systems the packet list scroll bar could sometimes disappear or become unusable. (Bug 220)
- The end of HTTP chunked encoding wasn’t being displayed. (Bug 646)
- The Follow TCP Stream window could omit characters. (Bug 1043)
- Opening a flow graph could crash Wireshark. (Bug 1117)
- Follow TCP Stream would sometimes get the direction wrong. (Bug 1138)
- The foreground text in the coloring rules editor was always black. (Bug 1164)
- The CSV export format was incorrect. (Bug 1173)
- On some Windows systems Wireshark could take a long time to start up.
- Malformed UDLD packets could cause an exception.
- The ISUP statistics report could overflow a buffer and crash when displaying IPv6 addresses.
New and Updated Features
The following features are new (or have been significantly updated) since the last release:
- We are now offering Wireshark as a U3 package for Windows. U3 packages are suitable for using on USB drives and CD-ROMs. It’s still experimental, but you’re welcome to try it out and report any problems or successes.
- Decryption support for WPA/WPA2 and SNMPv3 has been added. The TDS / MS SQL dissector now de-obfuscates passwords.
- 64-bit file handling has been improved.
- The Find function now selects the corresponding packet detail item. Find functionality has been added to the TCP and SSL stream dialogs.
- Main window keyboard navigation has been improved.
- Windows file dialogs now show the "places" bar (Desktop, My Documents, My Computer, My Network Places, etc). File dialogs now default to "My Documents" in accordance with Microsoft’s HIG.
- AirPcap support (which provides raw mode capture under Windows) has been enhanced to allow capturing on multiple AirPcap adapters simultaneously.
- You can no longer install Wireshark on Windows 95, 98, or ME. (OK, so it’s not a feature per se, but it’s an important change). The last version known to work on these systems is Ethereal 0.99.0.
- ASN.1 BER-encoded files can now be dissected according to a user-specified syntax.
Post scriptum
Related Articles
Data Sniffer |
|
WireShark - Ethereal |
|