Wireshark 4.2.3 Released: What’s New!

Wireshark, the most popular network protocol analyzer worldwide, has released version 4.2.3, which includes new features and upgrades.

Wireshark, a well-known open-source network protocol analyzer, enables users to view and record network data in real time. Important features include its rich protocol support, user-friendly design, active community and updates, customizable output, powerful filtering tools, and search capabilities.

EHA

It permits in-depth analysis of network traffic for the following uses:

  • Troubleshooting
  • Analysis
  • Security purposes
  • Development
  • Education

Wireshark 4.2.3 offers bug fixes, enhanced protocol support, and additional improvements.

Document
Live Account Takeover Attack Simulation

How do Hackers Bypass 2FA?

Live attack simulation Webinar demonstrates various ways in which account takeover can happen and practices to protect your websites and APIs against ATO attacks .

Wireshark 4.2.3 – Bug Fixes

  • Capture start fails when the file set is enabled and file extension is not supplied if the directory contains a period. Issue 14614.
  • Cannot drag and move custom filter buttons in toolbar. Issue 19447.
  • Not equal won’t work when used with wlan.addr. Issue 19449.
  • sshdump fails to connect with private key (ssh-rsa) Issue 19510.
  • ChmodBPF installation fails on macOS Sonoma 14.1.2. Issue 19527.
  • Windows installers should check for Windows 8.1. Issue 19569.
  • Fuzz job crash output: fuzz-2024-01-05-7725.pcap. Issue 19570.
  • Fuzz job crash output: fuzz-2024-01-06-7734.pcap. Issue 19578.
  • Incorrect recursion depth asserts failure when dissecting a legitimate GOOSE message. Issue 19580.
  • OPC UA – large read request is reported as malformed in 4.2.1 but not in 4.0.12. Issue 19581.
  • TFTP dissector bug type listed as netscii instead of netascii doesn’t show all TFTP packets including TFTP blocks. Issue 19589.
  • SMB1 replies from LAN Drive app only show up as NBSS Continuation Message. Issue 19593.
  • ciscodump – older SSH key exchange algorithms not supported. Issue 19594.
  • Problem decoding LAPB/X.25/FTAM after adding X.75 decoding. Issue 19595.
  • Wireshark Filter not working. Issue 19604.
  • CFLOW: failure to decode 0 length data fields of IPFIX variable length data types. Issue 19605.
  • Copy …​as Printable Text Feature Missing in 4.1/4.2. Issue 19607.
  • Export Objects – HTTP is missing some HTTP/2 files in a two-pass analysis. Issue 19609.
  • ASAM-CMP Plugin: Malformed message, length mismatch if vendor-defined data of status messages has odd length. Issue 19626.
  • OSS-Fuzz 66561: wireshark:fuzzshark_ip_proto-udp: Null-dereference READ in wmem_map_lookup. Issue 19642.

Updated Protocol Support

ASAM CMP, CAN, CFLOW, CMIP, CMP, DAP, DICOM, DISP, E2AP, GLOW, GOOSE, GTP, GTPv2, H.225, H.245, H.248, HTTP2, IEEE 1609.2, IEEE 1722, IPv4, IPv6, ISO 15765, ISUP, ITS, Kerberos, LDAP, MMS, NBT, NRUP, openSAFETY, P22, P7, PARLAY, RTMPT, RTP, SCSI, SOME/IP, T.38, TCP, TECMP, TFTP, WOW, X.509if, X.509sat, X.75, X11, Z39.50, and ZigBee Green Power.

New and Updated Capture File Support

  • pcap and pcapng

To Download

“If you are upgrading Wireshark 4.2.0 or 4.2.1 on Windows you will need to download and install Wireshark 4.2.3 or later by hand”, reads the Wireshark release notes.

The majority of UNIX and Linux vendors provide their own Wireshark packages. Typically, the package management system peculiar to that platform can be used to install or update Wireshark. The download page of the Wireshark website has a list of third-party packages.

To get the most recent version of Wireshark (Wireshark 4.2.3) from the Wireshark Foundation, you can visit the official download page that you can access here.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.