The Wireshark team has released a new version of the famous graphical traffic sniffer and protocol analyzer, 1.2.2 (and 1.0.9 for those still running the old stable branch), due to multiple security vulnerabilities affecting the GSM, OpcUa, and TLS dissectors (the latter is specially relevant), plus fixes for other memory leaks. An attacker might force Wireshark to crash remotely during live captures or by convincing someone to read a malformed packet trace file. More information in the official advisory page and release notes. Time to update Wireshark! If for any reason you cannot update, please, disable these three dissectors following the steps in the advisory. -- |
Raul Siles 152 Posts Sep 16th 2009 |
Thread locked Subscribe |
Sep 16th 2009 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!