Home Wireshark updates close security holes

Wireshark updates close security holes


Wireshark updates close security holes

Versions 1.4.9 and 1.6.2 of Wireshark have been released. According to the developers, the maintenance and security updatesaddress a number of vulnerabilities – some of which are rated as ‘highly critical’ by Secunia – in the open source, cross-platform network protocol analyser. The vulnerabilities could be exploited by an attacker to, for example, cause a denial-of-service (DoS) or compromise a victim’s system.
According to the security advisories, the issues include problems related to malformed IKE packets that could consume excessive resources resulting in a crash, and a bug that could lead Wireshark to run malicious Lua scripts causing the application to execute arbitrary code. Versions 1.4.0 to 1.4.8 and 1.6.0 and 1.6.1 are affected.
Other issues in the 1.6.x branch include crashing bugs in the CSN.1 dissector, the OpenSafety dissector and in the way capture files are handled. In addition to the bug fixes, protocol support has been updated. No new features have been added.
More details about the updates, including a full list of bug fixes and known problems, can be found in the 1.4.9 and 1.6.2 release notes. Wireshark binaries for Windows and Mac OS X, as well as the source code, are available todownload from the project’s site. Wireshark is licensed under the GPLv2.

Source The H-Open

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.