Recently, the Wireshark 3.2.7 has been released with the new feature and the fixes for security bugs along with its updated version of Npcap & Qt.
Wireshark is the world’s most widespread network protocol analyzer, and it is utilized for troubleshooting, analysis, extension, and teaching. Apart from this, Wireshark is mainly used by the network executives to troubleshoot network issues and examine the packets.
What’s New in Wireshark 3.2.7?
This new Wireshark 3.2.7 has its Windows installers, and now it ships with Npcap 0.9997; while previously, they got shipped with Npcap 0.9994. Now the Windows installers ship with Qt 5.12.9. as they previously shipped with the Qt 5.12.8.
- CVE-2020-25862: TCP dissector crash
- CVE-2020-25863: MIME Multipart dissector crash
- CVE-2020-25866: BLIP dissector crash
Now, if we talk about the supported protocols, then this new version of Wireshark supports protocols like:-
- GSM A RR
- IPX SAP
- MIME Multipart
Other Fixed Bugs
In this version, Wireshark 3.2.7, many other bugs were also fixed, and here we have mentioned all the bugs below:-
- HTTP dissector fails to display exact UTF-16 XML Bug 9069.
- The TFTP dissector does not track conversations properly. Source file and Destination File redundant or disagree. Bug 10305.
- Dissector skips DICOM command Bug 13110.
- Editcap time adjustment doesn’t work when both infile and outfile are ERF Bug 16578.
- dissect_tds7_colmetadata_token() has wrong return value if count is 0 Bug 16682.
- “total block length … is too small” for Systemd Journal Export Block Bug 16734.
- MNC 11 is showing Mobile Network Code (MNC): NTT DoCoMo Tokai Inc. (11) But its belonging to Rakuten Network Bug 16755.
- DICOM object extraction: discrepancy between tshark and Wireshark Bug 16771.
- S1-U data forwarding info and S103 PDN data forwarding info IE’s showing improper value Bug 16777.
- Wireshark crashes while opening a capture Bug 16780.
- Changing preferences via Decode As does not call callback Bug 16787.
- Decoding of PFCP IE ‘Remote GTP-U Peer’ is incorrect Bug 16805.
- Ng-enb not decoded accurately for Target Identification IE for GTPV2 Bug 16822.
- The client timestamp is a parsed error for Google QUIC (version Q039) Bug 16839.
- NAS-5G : PDU session reactivation result Bug 16842.
- Wireshark fails to detect libssh >= 0.9.5 Bug 16845.
Apart from this, the new Wireshark 3.2.7 is quite impressive, and it came up with exciting new features. Not only this but even this new version of Wireshark has also fixed many vulnerabilities that exist in the earlier version.