Wireshark

Wireshark 2.4.3 (64-bit)

Wireshark.org
Open-source software

Wireshark 1.7.1 (32-bit) Beta

Updated: 2012-04-09
Update details:

No change log.


Download this version: Wireshark 1.7.1 (32-bit) Beta

Wireshark 1.7.0 (32-bit) Beta

Updated: 2011-11-09
Update details:

No change log.


Download this version: Wireshark 1.7.0 (32-bit) Beta

Wireshark 1.0.8

Updated: 2009-05-22
Update details:

The following vulnerabilities have been fixed.

* The PCNFSD dissector could crash.
Versions affected: 0.8.20 to 1.0.7


The following bugs have been fixed:

* Lua integration could crash. (Bug 2453)
* The SCCP dissector could crash when loading more than one file in a single session. (Bug 3409)
* The NDMP dissector could crash if reassembly was enabled. (Bug 3470)


Download this version: Wireshark 1.0.8

Wireshark 1.0.7

Updated: 2009-04-09
Update details:

Bug Fixes

The following vulnerabilities have been fixed. See the security advisory for details and a workaround.

* The PROFINET dissector was vulnerable to a format string overflow. (Bug 3382)

Versions affected: 0.99.6 to 1.0.6

CVE-2009-1210

* The LDAP dissector could crash on Windows. (Bug 3262)

Versions affected: 0.99.2 to 1.0.6

CVE-2009-1267

* The Check Point High-Availability Protocol (CPHAP) dissector could crash. (Bug 3269)

Versions affected: 0.9.6 to 1.0.6

CVE-2009-1268

* Wireshark could crash while loading a Tektronix .rf5 file. (Bug 3366)

Versions affected: 0.99.6 to 1.0.6

CVE-2009-1269

The following bugs have been fixed:

* Correct use of proto_tree_add_int_format() (Bug 3048)
* RTP dynamic payload clock rates incorrectly determined (Bug 3067)
* TShark fails to properly close capture files when opening new ones (Bug 3172)
* ANSI MAP digits type decode and bitmask corrections (Bug 3233)
* Two small patches for ipvs-syncd dissector (Bug 3236)
* BGP capability dissection failure (Bug 3247)
* ANSI MAP fix for missing MEID/MSC ID number in RegNot (Bug 3255)
* BACnet PrivateTransferError shows malformed packet (Bug 3257)
* Windows silent installer is not that silent (Bug 3260)
* Crash in ASN.1 dissector when using 'type table' (Bug 3271)
* 802.11n SM Power save mode value 0x3 label is incorrect (Bug 3276)
* 802.11 WME ie displayed incorrectly (Bug 3284)
* "Copy as filter" from the packet list has been fixed.


New and Updated Features

There are no new or updated features in this release.


New Protocol Support

There are no new protocols in this release.


Updated Protocol Support

ACN, ANSI MAP, ASN.1, BACnet, BGP, CPHAP, GSM MAP, IEEE 802.11, IPVS, LDAP, NetFlow/IPFIX, PROFINET, RTP, SNMP, WSP


New and Updated Capture File Support

(TBD)


Download this version: Wireshark 1.0.7

Wireshark 1.0.6

Updated: 2009-02-07
Update details:

Bug Fixes

The following vulnerabilities have been fixed. See the security advisory for details and a workaround.

* On non-Windows systems, Wireshark could crash if the HOME environment variable contained sprintf-style string formatting characters. Discovered by babi. (Bug 3150)

Versions affected: 0.99.8 to 1.0.5

* Wireshark could crash while reading a malformed NetScreen snoop file. Discovered by babi. (Bug 3151)

Versions affected: 0.99.7 to 1.0.5

* Wireshark could crash while reading a Tektronix K12 text capture file. (Bug 1937)

Versions affected: 0.99.6 to 1.0.5

The following bugs have been fixed:

* Crash when loading capture file and Preferences: NO Info column (Bug 2902)
* Some Lua scripts may lead to corruption via out of bounds stack (Bug 3062)
* Build with GLib 1.2 fails with error: 'G_MININT32' undeclared (Bug 3109)
* Wrong decoding IMSI with GSM MAP protocol (Bug 3116)
* Segmentation fault for "Follow TCP stream" (Bug 3119)
* SMPP optional parameter 'network_error_code' incorrectly decoded (Bug 3128)
* DHCPv6 dissector doesn't handle malformed FQDN (Bug 3134)
* WCCP overrides CFLOW as decoded protocol (Bug 3175)
* Improper decoding of MPLS echo reply IPv4 Interface and Label Stack Object (Bug 3179)
* ANSI MAP fix for TRN digits/SMS and OTA subdissection (Bug 3214)
* The 1.0 branch can now be built with Visual Studio 2008.

New and Updated Features

* The version of GNUTLS included with the Windows packages has been updated from 2.3.8 to 2.6.3.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

AFS, ATM, DHCPv6, DIS, E.212, RTP, UDP, USB, WCCP, WPS

New and Updated Capture File Support

NetScreen snoop


Download this version: Wireshark 1.0.6

Wireshark 1.1.2 Beta (32-bit)

Updated: 2009-01-16
Update details:

This version improves file previews on Windows, updates supporting libraries (including a security fix in c-ares), and adds GeoIP support.


Download this version: Wireshark 1.1.2 Beta (32-bit)

Wireshark 1.0.5

Updated: 2008-12-11
Update details:

What's New

Bug Fixes

The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.

o The SMTP dissector could consume excessive amounts of CPU and
memory.

Versions affected: 1.0.4

o The WLCCP dissector could go into an infinite loop.

Versions affected: 0.99.7 to 1.0.4

The following bugs have been fixed:

o Missing CRLF during HTTP POST in the "packet details" window
(Bug 2534)

o Memory assertion in time_secs_to_str_buf() when compiled with
GCC 4.2.3 (Bug 2777)

o Diameter dissector fails RFC 4005 compliance (Bug 2828)

o LDP vendor private TLV type is not correctly shown (Bug 2832)

o Wireshark on MacOS does not run when there are spaces in its
path (Bug 2844)

o OS X Intel package incorrectly claims to be Universal (Bug
2979)

o Compilation broke when compiling without zlib (Bug 2993)

o Memory leak: saved_repoid (Bug 3017)

o Memory leak: follow_info (Bug 3018)

o Memory leak: follow_info (Bug 3019)

o Memory leak: tacplus_data (Bug 3020)

o Memory leak: col_arrows (Bug 3021)

o Memory leak: col_arrows (Bug 3022)

o Incorrect address structure assigned for find_conversation()
in WSP (Bug 3071)

o Memory leak with unistim in voip_calls (Bug 3079)

o Error parsing the BSSGP protocol (Bug 3085)

o Assertion thrown in fvalue_get_uinteger when decoding TIPC
(Bug 3086)

o LUA script : Wireshark crashes after closing and opening again
a window used by a listener.draw() function. (Bug 3090)

New and Updated Features

There are no new or updated features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

ANSI MAP, BSSGP, CIP, Diameter, ENIP, GIOP, H.263, H.264, HTTP,
MPEG PES, PostgreSQL, PPI, PTP, Rsync, RTP, SMTP, SNMP, STANAG
5066, TACACS, TIPC, WLCCP, WSP

New and Updated Capture File Support

None

Getting Wireshark

Wireshark source code and installation packages are available from
the download page on the main web site.

Vendor-supplied Packages

Most Linux and Unix vendors supply their own Wireshark packages.
You can usually install or upgrade Wireshark using the package
management system specific to that platform. A list of third-party
packages can be found on the download page on the Wireshark web
site.

File Locations

Wireshark and TShark look in several different locations for
preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
These locations vary from platform to platform. You can use
About->Folders to find the default locations on your system.

Known Problems

Wireshark may appear offscreen on multi-monitor Windows systems.
(Bug 553)

Wireshark might make your system disassociate from a wireless
network on OS X. (Bug 1315)

Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)

The BER dissector might infinitely loop. (Bug 1516)

Wireshark can't dynamically update the packet list. This means
that host name resolutions above a certain response time threshold
won't show up in the packet list. (Bug 1605)

Capture filters aren't applied when capturing from named pipes.
(Bug 1814)

Wireshark might freeze when reading from a pipe. (Bug 2082)

Capturing from named pipes might be delayed on Windows. (Bug 2200)

Filtering tshark captures with display filters (-R) no longer
works. (Bug 2234)

Getting Help

Community support is available on the wireshark-users mailing
list. Subscription information and archives for all of Wireshark's
mailing lists can be found on the web site.

Commercial support and development services are available from
CACE Technologies.

Frequently Asked Questions

A complete FAQ is available on the Wireshark web site.


Download this version: Wireshark 1.0.5

Wireshark 1.0.4

Updated: 2008-10-21
Update details:

What's New

Bug Fixes

The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.

o Florent Drouin and David Maciejak found that the Bluetooth ACL
dissector could crash or abort. (Bug 1513)

Versions affected: 0.99.2 to 1.0.3

o The Q.931 dissector could crash or abort. (Bug 2870)

Versions affected: 0.10.3 to 1.0.3

o Wireshark could abort while reading Tamos CommView capture
files. (Bug 2926)

Versions affected: 0.99.7 to 1.0.3

o David Maciejak found that the USB dissector could crash or
abort. This led to the discovery of a similar problem in the
Bluetooth RFCOMM dissector. (Bug 2922)

Versions affected: 0.99.7 to 1.0.3

o Vivek Gupta and David Maciejak found that the PRP and MATE
dissectors could make Wireshark crash. (Neither PRP nor MATE
are enabled by default.) (Bug 2549)

Versions affected: 0.99.2 to 1.0.3

The following bugs have been fixed:

o Let MP2T call its subdissectors, even without tree (Bug 2627)

o Wireless Toolbar not enabled (using AirPcap) if PCAP_REMOTE=1
(Bug 2685)

o Failure to dissect long SASL wrapped LDAP response (Bug 2687)

o Fix compiler warnings (Bug 2823)

o Homeplug dissection bugs (Bug 2859)

o Malformed Packet DCP ETSI error (Bug 2860)

o Wrong size of selected_registrar in WPS dissector (Bug 2865)

o Dissector assertion displaying cookies in DTLS frames (Bug
2876)

o Missing field type in documentation (Bug 2889)

o Wireshark -p switch seems to have no effect to PROMISCUOUS
mode (Bug 2891)

o Misspelled PPI error vector magnitude filter (Bug 2903)

o Modbus Function 43 Encapsulated Interface Transport decoding
(Bug 2917)

o Crash when printing or exporting some protocol data (Bug 2934)

o Crash when selecting "Export Selected Packet Bytes" (Bug 2964)

New and Updated Features

There are no new or updated features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

AFP, Bluetooth ACL, Bluetooth RFCOMM, DCP ETSI, DTLS, Homeplug,
IEEE 802.11, IP, Modbus TCP, MP2T, NSIP, NCP, PPI, Q.931, SASL,
SNMP, USB, WPS

New and Updated Capture File Support

AiroPeek, CommView

Known Problems

Wireshark may appear offscreen on multi-monitor Windows systems.
(Bug 553)

Wireshark might make your system disassociate from a wireless
network on OS X. (Bug 1315)

Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)

The BER dissector might infinitely loop. (Bug 1516)

Wireshark can't dynamically update the packet list. This means
that host name resolutions above a certain response time threshold
won't show up in the packet list. (Bug 1605)

Capture filters aren't applied when capturing from named pipes.
(Bug 1814)

Wireshark might freeze when reading from a pipe. (Bug 2082)

Capturing from named pipes might be delayed on Windows. (Bug 2200)

Filtering tshark captures with display filters (-R) no longer
works. (Bug 2234)


Download this version: Wireshark 1.0.4

Wireshark 1.1.1 Beta (32-bit)

Updated: 2008-10-11
Update details:

This version fixes several problems with the 1.1.0 release, including an issue that kept Wireshark from running on many Windows machines.


Download this version: Wireshark 1.1.1 Beta (32-bit)

Wireshark 1.0.3

Updated: 2008-09-04
Update details:

Notes:
Wireshark 1.0.3 Release Notes

------------------------------------------------------------------

What is Wireshark?

Wireshark is the world's most popular network protocol analyzer.
It is used for troubleshooting, analysis, development, and
education.

What's New

Bug Fixes

The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.

o The NCP dissector was susceptible to a number of problems,
including buffer overflows and an infinite loop.

Versions affected: 0.9.7 to 1.0.2

o Wireshark could crash while uncompressing zlib-compressed
packet data.

Versions affected: 0.10.14 to 1.0.2

o Wireshark could crash while reading a Tektronix .rf5 file.

Versions affected: 0.99.6 to 1.0.2

The following bugs have been fixed:

o 802.11 WPA/WPA2-PSK Unable to decode Group Keys. (Bug 1420)

o Packets could wrongly be dissected as "Redback Lawful
Intercept" (Bug 2376)

o MIKEY dissector improvements (Bug 2400)

o tvb_get_bits{16|32} could read past the end of a tvbuff (Bug
2439)

o Incorrect wslua function names. (Bug 2448)

o Memory corruption in wslua. (Bug 2453)

o Unknown PPPoE TAGs which are present in a PPPoE discovery
packet are not displayed under "PPPoE Tags" subtree/section.
(Bug 2458)

o Following a TCP stream could incorrectly reassemble packets.
(Bug 2606)

o SIP decode shows fully expanded "Content-Length" header
instead of compact form. (Bug 2635)

o Segmentation fault loading trace containing NCP packets. (Bug
2675)

o SIP packets might incorrectly be displayed as malformed. (Bug
2729)

o RTCP BYE padding interpreted incorrectly. (Bug 2778)

o Reversed RTP stream is saved as silent .au file, forward
stream saves correctly. (Bug 2780)

o Fix some lint warnings. (Bug 2822)

o Setting a duration on a capture file would capture for an
extra second.

New and Updated Features

There are no new or updated features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

AIM, Bluetooth RFCOMM, ERF, K12, NCP, PPP BCP, PPPoE, Q.933,
Redback LI, RTCP, RTP, SIP, SNMP, TCP, V.120, WiMAX

New and Updated Capture File Support

Endace ERF.

Known Problems

Wireshark may appear offscreen on multi-monitor Windows systems.
(Bug 553)

Wireshark might make your system disassociate from a wireless
network on OS X. (Bug 1315)

Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)

The BER dissector might infinitely loop. (Bug 1516)

Wireshark can't dynamically update the packet list. This means
that host name resolutions above a certain response time threshold
won't show up in the packet list. (Bug 1605)

Capture filters aren't applied when capturing from named pipes.
(Bug 1814)

Wireshark might freeze when reading from a pipe. (Bug 2082)

Capturing from named pipes might be delayed on Windows. (Bug 2200)

Filtering tshark captures with display filters (-R) no longer
works. (Bug 2234)


Download this version: Wireshark 1.0.3

Wireshark 1.0.2

Updated: 2008-07-11
Update details:

What's New
Bug Fixes

The following vulnerabilities have been fixed. See the security advisory for details and a workaround.

* Wireshark could crash while reassembling packets.

Versions affected: 0.8.19 to 1.0.1

The following bugs have been fixed:

* Dumpcap could crash on some versions of Windows (primarily Vista). (Bug 2677)

New and Updated Features

There are no new or updated features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

There are no updated protocols in this release.

New and Updated Capture File Support

There is no new or updated capture file support in this release.


Download this version: Wireshark 1.0.2

Wireshark 1.0.1

Updated: 2008-07-01
Update details:

What's New

Bug Fixes

The following vulnerabilities have been fixed. See the security advisory for details and a workaround.

* The GSM SMS dissector could crash.
Versions affected: 0.99.2 to 1.0.0
* The PANA and KISMET dissectors could force Wireshark to quit unexpectedly.
Versions affected: 0.99.3 to 1.0.0
* The RTMPT dissector could crash.
Versions affected: 0.99.8 to 1.0.0
* The RMI dissector could disclose system memory. Discovered by Noam Rathus.
Versions affected: 0.9.5 to 1.0.0
* The syslog dissector could crash.
Versions affected: 1.0.0

The following bugs have been fixed:

* RPC portmap classification switched to TCP after filtering. (Bug 1392)
* Force the foreground color when the background is forced. (Bug 1735)
* RPC stream shows malformed packets. (Bug 2148)
* SNMP trap dissection fails. (Bug 2253)
* Failure to detect/open valid ERF files. (Bug 2359)
* Window scaling bug. (Bug 2378)
* Bugs in the EIGRP dissector. (Bug 2381)
* E212 Mobile network code 3rd digit is not correctly decoded. (Bug 2393)
* The BOOTP dissector fails to initialize and display some values. (Bug 2395)
* Data string filter crash. (Bug 2402)
* Debian packaging problems. (Bug 2405)
* Expert info composite crash for LDAP. (Bug 2407)
* Statistics > Multicast Streams are broken. (Bug 2414)
* "Read me first" file is empty in the OS X .dmg. (Bug 2425)
* Failed tshark PDML export to file. (Bug 2432)
* RTCP MOS fields display wrong values. (Bug 2440)
* SNMP trap parse error. (Bug 2442)
* Ports incorrectly decoded as DPLAY instead of RTP. (Bug 2452)
* Incorrect decoding of DST MAC address of frame containing ICMPv6 Echo Request. (Bug 2456)
* Fix wireshark-filter man page for packet-diameter_3gpp.c fields. (Bug 2457)
* Dissector bug, protocol SNMP: proto.c:932: failed assertion. (Bug 2468)
* UDP not decoded as UNIStim. (Bug 2475)
* Debug text output from MIKEY dissector. (Bug 2481)
* Windows compilation errors with flex 2.5.35. (Bug 2493)
* RTP heuristic interferes with STUN/T38 portion of heuristic. (Bug 2497)
* WiMAX dissector assertion. (Bug 2501)
* RTP header extensions with length>4 bytes dissected incorrectly. (Bug 2505)
* Compilation failure on non-european Windows systems. (Bug 2513)
* BACnet BVLC NAK decoding. (Bug 2517)
* 'tshark -Tfields -e data' omits last character of data. (Bug 2518)
* "Next file every" inconsistent behaviour. (Bug 2599)
* Wireshark does not parse iSCSI login PDU. (Bug 2616)
* URL and encoding for OUI listings in make-manuf. (Bug 2619)

New and Updated Features

The following features are new (or have been significantly updated) since the last release:

* The "About" box finally displays version 1.0.
* Wireshark now supports custom columns.
* This release includes an experimental Mac OS X package.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

ACTRACE, BACnet BVLC, BOOTP, E212, iSCSI, IUA, LDAP, MGCP, MIKEY, MSMMS, RMI, RPC, RTCP, RTP, SIP, SNMP, TCP, UNIStim, WiMAX

New and Updated Capture File Support

Endace ERF


Download this version: Wireshark 1.0.1

Wireshark 1.0.0

Updated: 2008-04-04
Update details:

What's New
Bug Fixes

The following vulnerabilities have been fixed. See the security advisory for details and a workaround.

* The X.509sat dissector could crash.
Versions affected: 0.99.5 to 0.99.8
* The Roofnet dissector could crash on Windows, Solaris, and possibly other platforms.
Versions affected: 0.99.5 to 0.99.8
* The LDAP dissector could crash on Windows and possibly other platforms.
Versions affected: 0.99.2 to 0.99.8
* The SCCP dissector could crash while using the "decode as" feature.
Versions affected: 0.99.6 to 0.99.8

The following bugs have been fixed:

* Several SNMP-related bugs have been fixed.
* Several memory-related bugs have been fixed.

New and Updated Features

The following features are new (or have been significantly updated) since the last release:

* The "About" box finally displays version 1.0.
* Wireshark now supports custom columns.
* This release includes an experimental Mac OS X package.

New Protocol Support

IEEE 802.15.4, Infiniband, Parallel Redundancy Protocol, RedBack Lawful Intercept, Xcsl

Updated Protocol Support

AFS, ALCAP, ATM, BACapp, CIGI, DCC (renamed from DCCP), DCCP (renamed from DCP), DCERPC SPOOLSS, DCERPC NT, DHCP, DirectPlay, EtherCAT, FIX, GIOP, GTP, H.248, HTTP, ICMPv6, ICQ, IPv6, ISIS, JXTA, NCP, P_Mul, PCAP, PKIX1Explicit, PTP, RADIUS, Roofnet, RTCP, RTMPT, RTP, RX, SABP, SCSI OSD, sFlow, SMPP, SNMP, SSCOP, TAPA, TIPC, TPNCP, UNISTIM, X.25, X.509sat, XML


Download this version: Wireshark 1.0.0

Wireshark 0.99.8

Updated: 2008-02-28
Update details:

Bug Fixes

The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.

o The SCTP dissector could crash.

Versions affected: 0.99.5 to 0.99.7

o The SNMP dissector could crash.

Versions affected: 0.99.6 to 0.99.7

o The TFTP dissector could crash Wireshark on Ubuntu 7.10. (This
appears to be a bug in the Cairo library on that platform.)
Reported by Noam Rathaus.

Versions affected: 0.6.0 to 0.99.7

The following bugs have been fixed:

o Wireshark could crash when saving I/O graphs.

o Wireshark could crash when editing table-based preferences.

o Wireshark could crash when trying to play RTP streams.

o Wireshark could crash when trying to apply a display filter
macro.

o Wireshark could crash in Turkish and other locales.

New and Updated Features

The following features are new (or have been significantly
updated) since the last release:

o You can now have multiple configuration profiles.

o Temporary coloring rules have been added, which let you color
or filter on a conversation.

o I/O graphs have been improved.

o Wireshark now has WLAN traffic statistics.

o The Wireshark GUI now supports RPCAP.

o Conversations and endpoints can now be limited to the current
display filter.

o Experimental support for the NTAR/PcapNG file format has been
added.

New Protocol Support

AiroPeek Remote Capture, China Mobile Point to Point, Distributed
Lock Manager 3, EUTRAN X2 Application Protocol, Fieldbus
Foundation, International Passenger Airline Reservation
System/Airline Link Control, Microsoft DirectPlay, Path
Computation Element communication Protocol, Real Time Messaging
Protocol, S1 Application Protocol, Scripting Service Protocol,
Societe Internationale de Telecommunications Aeronautiques, Unisys
Transmittal System, Wi-fi Protected Setup

Updated Protocol Support

3G A11, 3GPP, ACN, ACP133, ALCAP, AMR, ANSI A, ANSI IS-637-A, ANSI
MAP, ARP, ASAP, AVS WLAN, BACapp, BER, BOOTP, Bluetooth (HCI ACL,
HCI CMD, HCI EVT, HCI SCO, L2CAP, SDP), CDP, CFM, CMS, COPS,
Camel, Cisco ERSPAN, DAP, DCERPC SPOOLSS, DCERPC, DHCP, DHCPv6,
DIAMETER, DMP, DTLS, E.164, EAP, ENIP, ENRP, EtherCAT, Ethernet,
FMP, FTAM, GMRP, GRE, GSM MAP, GSM SMS, GSS-API, GTP, Gryphon,
H.223, H.225, H.245, H.263, H.264, H.460, HCI H1, HTTP, ICMP, IEEE
802.11, IGMP, IPP, ISAKMP, ISUP, JFIF, JPEG, JXTA, Kerberos, LDAP,
MP2T, MS MMS, MTP3MG, NBAP, NFS, NHRP, NetFlow, P7, PER, PIM,
PKCS12, PPPoE, PTP, P_Mul, Q.932, Quakeworld, RANAP, RMT ALC, RMT
LCT, ROS, RPC, RPL, RRC, RTCP, RTP, SCCP, SCTP, SDP, SLL, SMB,
SMB2, SMPP, SMTP, SNMP, SRVLOC, SSL, STUN2, T.38, TCAP, TCP, TFTP,
TiVoConnect, UCP, UDP-Lite, USB, VLAN, WBXML, X.411, X.420,
X.509if, X.509sat

New and Updated Capture File Support

Catapult DCT2000, DBS Etherwatch, NTAR/PcapNG, TamoSoft CommView,
Visual Networks


Download this version: Wireshark 0.99.8

Wireshark 0.99.7

Updated: 2007-12-19
Update details:

Bug Fixes
The following vulnerabilities have been fixed. See the security advisory for details and a workaround.

* Wireshark could crash when reading an MP3 file.
Versions affected: 0.99.6
* Beyond Security discovered that Wireshark could loop excessively while reading a malformed DNP packet.
Versions affected: 0.10.12 to 0.99.6
* Stefan Esser discovered a buffer overflow in the SSL dissector.
Versions affected: 0.99.0 to 0.99.6
* The ANSI MAP dissector could be susceptible to a buffer overflow on some platforms.
Versions affected: 0.99.5 to 0.99.6
* The Firebird/Interbase dissector could go into an infinite loop or crash.
Versions affected: 0.99.6
* The NCP dissector could cause a crash.
Versions affected: 0.99.6
* The HTTP dissector could crash on some systems while decoding chunked messages.
Versions affected: 0.10.14 to 0.99.6
* The MEGACO dissector could enter a large loop and consume system resources.
Versions affected: 0.9.14 to 0.99.6
* The DCP ETSI dissector could enter a large loop and consume system resources.
Versions affected: 0.99.6
* Fabiodds discovered a buffer overflow in the iSeries (OS/400) Communication trace file parser.
Versions affected: 0.99.0 to 0.99.6
* The PPP dissector could overflow a buffer.
Versions affected: 0.99.6
* The Bluetooth SDP dissector could go into an infinite loop.
Versions affected: 0.99.2 to 0.99.6
* A malformed RPC Portmap packet could cause a crash.
Versions affected: 0.8.16 to 0.99.6
* The IPv6 dissector could loop excessively.
Versions affected: 0.99.6
* The USB dissector could loop excessively or crash.
Versions affected: 0.99.6
* The SMB dissector could crash.
Versions affected: 0.99.6
* The RPL dissector could go into an infinite loop.
Versions affected: 0.9.8 to 0.99.6
* The WiMAX dissector could crash due to unaligned access on some platforms.
Versions affected: 0.99.6
* The CIP dissector could attempt to allocate a huge amount of memory and crash.
Versions affected: 0.9.14 to 0.99.6

The following bugs have been fixed:

* Handling of non-ASCII file names and paths has been improved.
* Wireshark could crash while editing a coloring rule or a UAT table.
* The display filter code could crash while bitwise ANDing an IPv4 address.

New and Updated Features
The following features are new (or have been significantly updated) since the last release:

* Most of the capture code has been moved out of the GUI, which means that Wireshark no longer needs to be run as root.
* Many display filter names have been cleaned up. If your favorite display filter just went missing, please consult the display filter reference to find out where it ended up.
* You can now filter directly on SNMP OIDs.
* IO graphs have more display options, and you can now export graphs.
* You can now follow UDP streams in addition to TCP and SSL streams.
* You can now disable coloring rules without deleting them.
* Main window toolbar buttons are now available even when the window is small.
* The version of WinPcap that ships with the Windows installers has been updated to 4.0.2.
* The Windows installers now include a "services" file, which maps port numbers to names.
* The Windows installer now enables npf.sys by default under Vista. Wireshark will print a warning at startup if npf.sys isn't loaded under Vista.
* Optimizations have been applied in some places to make Wireshark start up and run faster.

New Protocol Support
ANSI TCAP, application/xcap-error (MIME type), CFM, DPNSS, EtherCAT, ETSI e2/e4, H.282, H.460, H.501, IEEE 802.1ad and 802.1ah, IMF (RFC 2822), RSL, SABP, T.125, TNEF, TPNCP, UNISTIM, Wake on LAN, WiMAX ASN Control Plane, X.224

Updated Protocol Support
3Com XNS, 3G A11, ACN, ACP123, ACSE, AIM, ANSI IS-637-A, ANSI MAP, Armagetronad, BACapp, BACnet, BER, BFD, BGP, Bluetooth, CAMEL, CDT, CFM, CIP, Cisco ERSPAN, CLNP, CMIP, CMS, COPS, CTDB, DCCP, DCERPC ATSVC, DCERPC PNIO, DCERPC SAMR, DCERPC, DCOM CBA-ACCO, DCP ETSI, DEC DNA, DFS, DHCP/BOOTP, DHCPv6, DIAMETER, DISP, DMP, DNP, DNS, DOP, DTLS, DUA, eDonkey, ELSM, ESL, Ethernet, FC ELS, FC, FCOE, FTAM, FTP, GDSDB, GIOP, GPRS-LLC, GSM A, GSM MAP, GTP, HSRP, HTTP, IAX2, ICMPv6, IEEE 802.11, INAP, IP, IPMI, IPv6, ISAKMP, ISIS, iSNS, ISUP, IUUP, JXTA, K12, Kerberos, L2TP, LAPD, LDAP, LINX, LPD, LWAPP, MEGACO, MIKEY, MIME Multipart, MMS, MP2T, MPEG PES, MPEG, MTP2, MySQL, NBAP, NetFlow, nettl, NFS, NSIP, OSPF, P_MUL, PANA, PER, PKCS#12, PMIPv6, PN-PTCP, PN-RT, PPI, PPPoE, PRES, PROFINET, PTP, Q.932 ROS, Q.932, QSIG, Radiotap, RADIUS, RANAP, RNSAP, ROS, RTCP, RTP, RTSE, RTSP, SCCP, SCTP, SDP, SIGCOMP, SIP, Slow Protocols, SMB, SMPP, SMTP, SNDCP, SNMP, SRP, SSL, STANAG 4406, STUN2, TCAP, TCP, text/media, TIPC, ULP, UMA, UMTS FP, V5UA, VNC, WiMAX M2M, WiMAX, WLCCP, X.411, X.420, X.509 SAT, XML

New and Updated Capture File Support
Catapult DCT 2000, Endace ERF, Juniper NetScreen snoop, Visual Networks, Windows Sniffer (NetXRay)


Download this version: Wireshark 0.99.7