Wireshark 3.4.7 was released with a security fix for a DNP dissector crash and support for new capture files.
Wireshark is known as the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.
It is used by network administrators to troubleshoot networks and by security analysts to examine packets. It is a widely used tool in organizations.
Wireshark is a free and open-source packet analyzer that runs on various operating systems, including Microsoft Windows, Linux, macOS, BSD, Solaris, and some other Unix-like operating systems.
Wireshark 3.4.7
Security Vulnerabilities Fixed
wnpa-sec-2021-06 DNP dissector crash
An attacker can crash Wireshark by injecting a malicious packet onto the wire or by convincing someone to read a malicious packet trace file.
Other Bugs Fixed
- TCP dissector – Erroneous DSACK reporting Issue 17315.
- No wlan_radio.duration calculated for PHY type: 802.11ac (VHT) Issue 17419.
- NAN Dissector has wrong minimum length for availability attribute Issue 17431.
Updated Protocols Support
ASTERIX, BT LE LL, DCE RPC, DNP, GTPv2, IEEE 802.11 Radio, LDAP, NAN, NORDIC_BLE, NR RRC, OSPF, pcapng, PNIO, RSL, S101, Snort config, and TCP
New Capture File Support
Catapult DCT2000, ERF, and pcap
The new version can be downloaded from here.