Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Wireshark 1.2.2 (and 1.0.9) is out!

Published: 2009-09-16
Last Updated: 2009-09-16 06:48:01 UTC
by Raul Siles (Version: 1)
0 comment(s)

The Wireshark team has released a new version of the famous graphical traffic sniffer and protocol analyzer, 1.2.2 (and 1.0.9 for those still running the old stable branch), due to multiple security vulnerabilities affecting the GSM, OpcUa, and TLS dissectors (the latter is specially relevant), plus fixes for other memory leaks. An attacker might force Wireshark to crash remotely during live captures or by convincing someone to read a malformed packet trace file.

More information in the official advisory page and release notes. Time to update Wireshark! If for any reason you cannot update, please, disable these three dissectors following the steps in the advisory.

Raul Siles

Keywords: wireshark
0 comment(s)
Diary Archives