Wireshark是全球著名的网络封包分析软件。网络封包分析软件的功能是撷取网络封包,并尽可能显示出最为详细的网络封包资料。
The following vulnerabilities have been fixed.
- wnpa-sec-2012-08
Infinite and large loops in the ANSI MAP, ASF, BACapp, Bluetooth HCI, IEEE 802.11, IEEE 802.3, LTP, and R3 dissectors have been fixed. Discovered by Laurent Butti. (Bugs 6805, 7118, 7119, 7120, 7121, 7122, 7124, 7125)
Versions affected: 1.4.0 to 1.4.12, 1.6.0 to 1.6.7.
CVE-2012-2392
- wnpa-sec-2012-09
The DIAMETER dissector could try to allocate memory improperly and crash. (Bug 7138)
Versions affected: 1.4.0 to 1.4.12, 1.6.0 to 1.6.7.
CVE-2012-2393
wnpa-sec-2012-10
- Wireshark could crash on SPARC processors due to misaligned memory. Discovered by Klaus Heckelmann. (Bug 7221)
Versions affected: 1.4.0 to 1.4.12, 1.6.0 to 1.6.7.
CVE-2012-2394
The following bugs have been fixed:
- User-Password – PAP decoding passwords longer than 16 bytes. (Bug 6779)
- The MSISDN is not seen correctly in GTP packet. (Bug 7042)
- Wireshark doesn’t calculate the right IPv4 destination using source routing options when bad options precede them. (Bug 7043)
- BOOTP dissector issue with DHCP option 82 – suboption 9. (Bug 7047)
- MPLS dissector in 1.6.7 and 1.7.1 misdecodes some MPLS CW packets. (Bug 7089)
- ANSI MAP infinite loop. (Bug 7119)
- HCIEVT infinite loop. (Bug 7122)
- Wireshark doesn’t decode NFSv4.1 operations. (Bug 7127)
- LTP infinite loop. (Bug 7124)
- Wrong values in DNS CERT RR. (Bug 7130)
- Megaco parser problem with LF in header. (Bug 7198)
- OPC UA bytestring node id decoding is wrong. (Bug 7226)
下载地址:http://www.wireshark.org/download.html