Table of Contents
Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education.
The following vulnerabilities have been fixed.
The DCP ETSI dissector could crash. (Bug 8717)
Versions affected: 1.10.0, 1.8.0 to 1.8.7
The P1 dissector could crash. Discovered by Laurent Butti. (Bug 8826)
Versions affected: 1.10.0
The Radiotap dissector could crash. Discovered by Laurent Butti. (Bug 8830)
Versions affected: 1.10.0
The DCOM ISystemActivator dissector could crash. Discovered by Laurent Butti. (Bug 8828)
Versions affected: 1.10.0
CVE-2013-4922 CVE-2013-4923 CVE-2013-4924 CVE-2013-4925 CVE-2013-4926
The Bluetooth SDP dissector could go into a large loop. Discovered by Laurent Butti. (Bug 8831)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
The Bluetooth OBEX dissector could go into an infinite loop. (Bug 8875)
Versions affected: 1.10.0
The DIS dissector could go into a large loop. (Bug 8911)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
The DVB-CI dissector could crash. Discovered by Laurent Butti. (Bug 8916)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
The GSM RR dissector (and possibly others) could go into a large loop. (Bug 8923)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
The GSM A Common dissector could crash. (Bug 8940)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
The Netmon file parser could crash. Discovered by G. Geshev. (Bug 8742)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
The ASN.1 PER dissector could crash. Discovered by Oliver-Tobias Ripka. (Bug 8722)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
The PROFINET Real-Time dissector could crash. (Bug 8904)
Versions affected: 1.10.0
The following bugs have been fixed:
ANSI IS-637-A, ASN.1, ASN.1 PER, Bluetooth OBEX, Bluetooth SDB, DCERPC NDR, DCOM ISystemActivator, DCP ETSI, Diameter 3GPP, DIS, DVB-CI, Ethernet, GSM Common, GSM SMS, H.235, IEC104, IEEE 802.15.4, IEEE 802a, IMAP, IP, KDSP, LISP, LLRP, MAC-LTE,, Mobile IPv6, MONGO, MPLS Echo, Netflow, NFS, NFSv4, P1, PDCP-LTE, PN-IO, PN-RT, PPP, Radiotap, RLC,, RLC-LTE,, SCSI, SIP, SMTP, SoulSeek, TCP, TETRA, and VNC
Wireshark source code and installation packages are available from http://www.wireshark.org/download.html.
Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.
Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system.
Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)
The BER dissector might infinitely loop. (Bug 1516)
Capture filters aren’t applied when capturing from named pipes. (Bug 1814)
Filtering tshark captures with read filters (-R) no longer works. (Bug 2234)
The 64-bit Windows installer does not support Kerberos decryption. (Win64 development page)
Application crash when changing real-time option. (Bug 4035)
Hex pane display issue after startup. (Bug 4056)
Packet list rows are oversized. (Bug 4357)
Summary pane selected frame highlighting not maintained. (Bug 4445)
Wireshark and TShark will display incorrect delta times in some cases. (Bug 4985)
Community support is available on Wireshark’s Q&A site and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark’s mailing lists can be found on the web site.
Official Wireshark training and certification are available from Wireshark University.
A complete FAQ is available on the Wireshark web site.