Your one-stop web resource providing safety and security information to manufacturers

Cleaner, more secure versions 1.6.8 and 1.4.13 of the open source Wireshark network protocol analyzer are ready to go.

The maintenance and security updates to the cross-platform tool address three vulnerabilities an attacker could exploit to cause a denial-of-service (DoS).

HULK Takes Down Web Server
DoS Flaw in Bitcoin
Botnet Rises and Falls Again
Microsoft Seizes Zeus Servers

These include a memory allocation flaw in the DIAMETER dissector, infinite and large loops in eight other dissectors, and a memory alignment flaw when running on SPARC or Itanium processors.

For an attack to be successful, an attacker must inject a malformed packet onto the wire or convince a victim to read a malformed packet trace file.

Cyber Security

Versions 1.4.0 to 1.4.12 and 1.6.0 to 1.6.7 suffer from the issue; upgrading to 1.4.13 or 1.6.8 corrects these problems.

A full list of changes and bug fixes in the updates are in the 1.4.13 and 1.6.8 release notes. Wireshark 1.4.13 and 1.6.8 are available to download from the project’s site and its license is from the GPLv2

Pin It on Pinterest

Share This