InfoSecBulletin Cybersecurity for mankind
With improved protocol support, various bug fixes, and several enhancements, Wireshark has released version 4.0.5. On March 3, 2023, the most recent version of Wireshark 4.0.4 was made available; this is the second upgrade of this year.
The open-source packet analyzer Wireshark is free to use. It is employed in developing software and communications protocols, network troubleshooting, analysis, and education.
Hacker compromised over 2000 Palo Alto Networks Firewalls
“Forces Penpals” exposed US and UK Military Social Network’s 1 Million Records
CVE-2024-51503
Trend Micro released updates for Deep Security Agent RCE
Apple Releases Patch for two Actively Exploited Zero-Day
Maxar Space Data Leak, Company admit, Investigation ongoing!
GitHub CLI Vulnerability Could Allow RCE
“Sarcoma” ransomware group
Hacker to disclose “Popular Life Insurance” 36 GB of stolen data
BugHunt 2024: A Milestone Cyber security Competition held at Dhaka
TP-Link DHCP Vulnerability Allow Attackers Takeover Routers Remotely
WSJ reports
T-Mobile hacked in massive breach of telecom networks
Wireshark is one of the most extensively used tools for analyzing network protocols and serves a variety of tasks.
According to the Wireshark team, official 32-bit Windows packages are unavailable for Wireshark 4.0 and later.
“We do not ship official 32-bit Windows packages for Wireshark 4.0 and later. If you need to use Wireshark on that platform, we recommend using the latest 3.6 release”, Wireshark.
“If you’re running Wireshark on macOS and upgraded to macOS 13 from an earlier version, you will likely have to open and run the “Uninstall ChmodBPF” package, then open and run “Install ChmodBPF” to reset the ChmodBPF Launch Daemon.”
There are different operating systems for which the Wireshark packet analyzer is accessible, including Windows, Linux, macOS, and BSD.
Wireshark 4.0.5 – Protocol Support
DHCP, DIS, DNS, ERF, FF, genl, GQUIC, GSM A-bis OML, HL7, IEEE 802.11, ITS, LAPD, netfilter, netlink-route, netlink-sock_diag, nl80211, RLC, RPCoRDMA, RTPS, SCTP, SMB, UDS, VNC, and WCP.
Bug Fixes
- Wireshark ITS Dissector RTCMEM wrong protocol version selector 2 – should use 1. Issue 18862.
- Wireshark treats the letter E in SSRC as an exponential representation of a number. Issue 18879.
- VNC RRE Parser skips over data. Issue 18883.
- sshdump coredump when –remote-interface is left empty. Issue 18904.
- Fuzz job crash output: fuzz-2023-03-17-7298.pcap. Issue 18917.
- Fuzz job crash output: fuzz-2023-03-27-7564.pcap. Issue 18934.
- RFC8925 support (dhcp option 108) Issue 18943.
- DIS dissector shows an incorrect state in the packet list info column. Issue 18967.
- RTP analysis shows incorrect timestamp error when timestamp is rolled over. Issue 18973.
- Asterisk (*) key crash on Endpoint/Conversation dialog. Issue 18975.
- The RTP player waveform now synchronizes better with audio.
Vulnerabilities Fixes:
- wnpa-sec-2023-09 RPCoRDMA dissector crash. Issue 18852.
- wnpa-sec-2023-10 LISP dissector large loop. Issue 18900.
- wnpa-sec-2023-11 GQUIC dissector crash Issue 18947.
Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform.
A list of third-party packages can be found on the download page on the Wireshark website. Wireshark source code and installation packages are available.
