InfoSecBulletin Cybersecurity for mankind
With improved protocol support, various bug fixes, and several enhancements, Wireshark has released version 4.0.5. On March 3, 2023, the most recent version of Wireshark 4.0.4 was made available; this is the second upgrade of this year.
The open-source packet analyzer Wireshark is free to use. It is employed in developing software and communications protocols, network troubleshooting, analysis, and education.
WhatsApp banned on all US House of Representatives devices
Kaspersky found “SparkKitty” Malware on Google Play, Apple App Store
OWASP AI Testing Guide Launched to Uncover Vulns in AI Systems
Axentec Launches Bangladesh’s First Locally Hosted Tier-4 Cloud Platform
Hackers Bypass Gmail MFA With App-Specific Password Reuse
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
Wireshark is one of the most extensively used tools for analyzing network protocols and serves a variety of tasks.
According to the Wireshark team, official 32-bit Windows packages are unavailable for Wireshark 4.0 and later.
“We do not ship official 32-bit Windows packages for Wireshark 4.0 and later. If you need to use Wireshark on that platform, we recommend using the latest 3.6 release”, Wireshark.
“If you’re running Wireshark on macOS and upgraded to macOS 13 from an earlier version, you will likely have to open and run the “Uninstall ChmodBPF” package, then open and run “Install ChmodBPF” to reset the ChmodBPF Launch Daemon.”
There are different operating systems for which the Wireshark packet analyzer is accessible, including Windows, Linux, macOS, and BSD.
Wireshark 4.0.5 – Protocol Support
DHCP, DIS, DNS, ERF, FF, genl, GQUIC, GSM A-bis OML, HL7, IEEE 802.11, ITS, LAPD, netfilter, netlink-route, netlink-sock_diag, nl80211, RLC, RPCoRDMA, RTPS, SCTP, SMB, UDS, VNC, and WCP.
Bug Fixes
- Wireshark ITS Dissector RTCMEM wrong protocol version selector 2 – should use 1. Issue 18862.
- Wireshark treats the letter E in SSRC as an exponential representation of a number. Issue 18879.
- VNC RRE Parser skips over data. Issue 18883.
- sshdump coredump when –remote-interface is left empty. Issue 18904.
- Fuzz job crash output: fuzz-2023-03-17-7298.pcap. Issue 18917.
- Fuzz job crash output: fuzz-2023-03-27-7564.pcap. Issue 18934.
- RFC8925 support (dhcp option 108) Issue 18943.
- DIS dissector shows an incorrect state in the packet list info column. Issue 18967.
- RTP analysis shows incorrect timestamp error when timestamp is rolled over. Issue 18973.
- Asterisk (*) key crash on Endpoint/Conversation dialog. Issue 18975.
- The RTP player waveform now synchronizes better with audio.
Vulnerabilities Fixes:
- wnpa-sec-2023-09 RPCoRDMA dissector crash. Issue 18852.
- wnpa-sec-2023-10 LISP dissector large loop. Issue 18900.
- wnpa-sec-2023-11 GQUIC dissector crash Issue 18947.
Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform.
A list of third-party packages can be found on the download page on the Wireshark website. Wireshark source code and installation packages are available.
