InfoSecBulletin Cybersecurity for mankind
With improved protocol support, various bug fixes, and several enhancements, Wireshark has released version 4.0.5. On March 3, 2023, the most recent version of Wireshark 4.0.4 was made available; this is the second upgrade of this year.
The open-source packet analyzer Wireshark is free to use. It is employed in developing software and communications protocols, network troubleshooting, analysis, and education.
CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed
ALERT
Thousands of IP addresses compromised nationwide: CIRT warn
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks
Critical RCE Flaw Patched in Roundcube Webmail
Hacker claim Leak of Deloitte Source Code & GitHub Credentials
CISA Issued Guidance for SIEM and SOAR Implementation
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora
Australia enacts mandatory ransomware payment reporting
Why Govt Demands Foreign CCTV Firms to Submit Source Code?
Wireshark is one of the most extensively used tools for analyzing network protocols and serves a variety of tasks.
According to the Wireshark team, official 32-bit Windows packages are unavailable for Wireshark 4.0 and later.
“We do not ship official 32-bit Windows packages for Wireshark 4.0 and later. If you need to use Wireshark on that platform, we recommend using the latest 3.6 release”, Wireshark.
“If you’re running Wireshark on macOS and upgraded to macOS 13 from an earlier version, you will likely have to open and run the “Uninstall ChmodBPF” package, then open and run “Install ChmodBPF” to reset the ChmodBPF Launch Daemon.”
There are different operating systems for which the Wireshark packet analyzer is accessible, including Windows, Linux, macOS, and BSD.
Wireshark 4.0.5 – Protocol Support
DHCP, DIS, DNS, ERF, FF, genl, GQUIC, GSM A-bis OML, HL7, IEEE 802.11, ITS, LAPD, netfilter, netlink-route, netlink-sock_diag, nl80211, RLC, RPCoRDMA, RTPS, SCTP, SMB, UDS, VNC, and WCP.
Bug Fixes
- Wireshark ITS Dissector RTCMEM wrong protocol version selector 2 – should use 1. Issue 18862.
- Wireshark treats the letter E in SSRC as an exponential representation of a number. Issue 18879.
- VNC RRE Parser skips over data. Issue 18883.
- sshdump coredump when –remote-interface is left empty. Issue 18904.
- Fuzz job crash output: fuzz-2023-03-17-7298.pcap. Issue 18917.
- Fuzz job crash output: fuzz-2023-03-27-7564.pcap. Issue 18934.
- RFC8925 support (dhcp option 108) Issue 18943.
- DIS dissector shows an incorrect state in the packet list info column. Issue 18967.
- RTP analysis shows incorrect timestamp error when timestamp is rolled over. Issue 18973.
- Asterisk (*) key crash on Endpoint/Conversation dialog. Issue 18975.
- The RTP player waveform now synchronizes better with audio.
Vulnerabilities Fixes:
- wnpa-sec-2023-09 RPCoRDMA dissector crash. Issue 18852.
- wnpa-sec-2023-10 LISP dissector large loop. Issue 18900.
- wnpa-sec-2023-11 GQUIC dissector crash Issue 18947.
Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform.
A list of third-party packages can be found on the download page on the Wireshark website. Wireshark source code and installation packages are available.
