Versions 1.4.9 and 1.6.2 of Wireshark have been released. According to the developers, the maintenance and security updatesaddress a number of vulnerabilities – some of which are rated as ‘highly critical’ by Secunia – in the open source, cross-platform network protocol analyser. The vulnerabilities could be exploited by an attacker to, for example, cause a denial-of-service (DoS) or compromise a victim’s system.
According to the security advisories, the issues include problems related to malformed IKE packets that could consume excessive resources resulting in a crash, and a bug that could lead Wireshark to run malicious Lua scripts causing the application to execute arbitrary code. Versions 1.4.0 to 1.4.8 and 1.6.0 and 1.6.1 are affected.
Other issues in the 1.6.x branch include crashing bugs in the CSN.1 dissector, the OpenSafety dissector and in the way capture files are handled. In addition to the bug fixes, protocol support has been updated. No new features have been added.
More details about the updates, including a full list of bug fixes and known problems, can be found in the 1.4.9 and 1.6.2 release notes. Wireshark binaries for Windows and Mac OS X, as well as the source code, are available todownload from the project’s site. Wireshark is licensed under the GPLv2.