Multiple Vulnerabilities Fixed in Wireshark 3.0.4 Release

• Wireshark 3.0.4 and 2.6.11 were released with vulnerabilities fixed from the previous versions.
• Windows installers now ships with Npcap 0.9983 and the macOS installer ships with Qt 5.12.3.

New in the update: One of the most popular network protocol analyzer, Wireshark has rolled out new update/fix to safeguard its platform from cybercriminals.

• Previously shipped with Npcap 0.996, windows installers now ship with Npcap 0.9983
• Previously shipped with Qt 5.12.4, macOS installer now ships with Qt 5.12.3
• The protocols supported by Wireshark 3.0.4 now include BACnet, DCERPC, DNS, LSD, NFS, FC-dNS, Gryphon, EAP, IEEE 802.11, and Radiotap
• The supported file formats are CommView and PacketLogger

Discussing security vulnerabilities: The vulnerability “wnpa-sec-2019-21 – Gryphon dissector infinite loop” lets a remote attacker inject a malformed packet to perform a denial of service (DoS) attack.

• The vulnerability exists due to the infinite loop in Gryphon dissector while processing network packets.
• This leads to the consumption of excessive system resources including GPU.
• The vulnerable Wireshark versions include: 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 3.0.0, 3.0.1, 3.0.2, and 3.0.3.

The updated version fixes it all. Wireshark source code and installation packages are available here.