loader gif

Multiple Vulnerabilities Fixed in Wireshark 3.0.4 Release

Multiple Vulnerabilities Fixed in Wireshark 3.0.4 Release
  • Wireshark 3.0.4 and 2.6.11 were released with vulnerabilities fixed from the previous versions.
  • Windows installers now ships with Npcap 0.9983 and the macOS installer ships with Qt 5.12.3.

New in the update: One of the most popular network protocol analyzer, Wireshark has rolled out new update/fix to safeguard its platform from cybercriminals.

  • Previously shipped with Npcap 0.996, windows installers now ship with Npcap 0.9983
  • Previously shipped with Qt 5.12.4, macOS installer now ships with Qt 5.12.3
  • The protocols supported by Wireshark 3.0.4 now include BACnet, DCERPC, DNS, LSD, NFS, FC-dNS, Gryphon, EAP, IEEE 802.11, and Radiotap
  • The supported file formats are CommView and PacketLogger

Discussing security vulnerabilities: The vulnerability “wnpa-sec-2019-21 – Gryphon dissector infinite loop” lets a remote attacker inject a malformed packet to perform a denial of service (DoS) attack.

  • The vulnerability exists due to the infinite loop in Gryphon dissector while processing network packets.
  • This leads to the consumption of excessive system resources including GPU.
  • The vulnerable Wireshark versions include: 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 3.0.0, 3.0.1, 3.0.2, and 3.0.3.

The updated version fixes it all. Wireshark source code and installation packages are available here.

loader gif