Multiple Vulnerabilities Fixed in Wireshark 3.0.4 Release
- Wireshark 3.0.4 and 2.6.11 were released with vulnerabilities fixed from the previous versions.
- Windows installers now ships with Npcap 0.9983 and the macOS installer ships with Qt 5.12.3.
New in the update: One of the most popular network protocol analyzer, Wireshark has rolled out new update/fix to safeguard its platform from cybercriminals.
- Previously shipped with Npcap 0.996, windows installers now ship with Npcap 0.9983
- Previously shipped with Qt 5.12.4, macOS installer now ships with Qt 5.12.3
- The protocols supported by Wireshark 3.0.4 now include BACnet, DCERPC, DNS, LSD, NFS, FC-dNS, Gryphon, EAP, IEEE 802.11, and Radiotap
- The supported file formats are CommView and PacketLogger
Discussing security vulnerabilities: The vulnerability “wnpa-sec-2019-21 – Gryphon dissector infinite loop” lets a remote attacker inject a malformed packet to perform a denial of service (DoS) attack.
- The vulnerability exists due to the infinite loop in Gryphon dissector while processing network packets.
- This leads to the consumption of excessive system resources including GPU.
- The vulnerable Wireshark versions include: 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 3.0.0, 3.0.1, 3.0.2, and 3.0.3.
The updated version fixes it all. Wireshark source code and installation packages are available here.