Wireshark Analyzer v4.0.6 released: open-source network protocol analyzer
Wireshark Analyzer is a fantastic multi-platform open-source network protocol analyzer. It can be used to check the analysis of data from the network host to survive, but also look to capture files from the disk. You can interactively browse the capture data, just capture details of the package, you need to analyze. Wireshark has some powerful features, including the ability to rich display filter language and view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. It includes a similar tcpdump named tshark the console version. Note that Wireshark emergence of a few dozens of remotely exploitable vulnerabilities, and thus needs to be updated to the latest version, and do not run in an insecure network environment.
Changelog
If you’re running Wireshark on macOS and upgraded to macOS 13 from an earlier version, you will likely have to open and run the “Uninstall ChmodBPF” package, then open and run “Install ChmodBPF” in order to reset the ChmodBPF Launch Daemon. Issue 18734.
Bug Fixes
The following vulnerabilities have been fixed:
- wnpa-sec-2023-12 Candump log file parser crash. Issue 19062. CVE-2023-2855.
- wnpa-sec-2023-13 BLF file parser crash. Issue 19063. CVE-2023-2857.
- wnpa-sec-2023-14 GDSDB dissector infinite loop. Issue 19068.
- wnpa-sec-2023-15 NetScaler file parser crash. Issue 19081. CVE-2023-2858.
- wnpa-sec-2023-16 VMS TCPIPtrace file parser crash. Issue 19083. CVE-2023-2856.
- wnpa-sec-2023-17 BLF file parser crash. Issue 19084. CVE-2023-2854.
- wnpa-sec-2023-18 RTPS dissector crash. Issue 19085. CVE-2023-0666.
- wnpa-sec-2023-19 IEEE C37.118 Synchrophasor dissector crash. Issue 19087. CVE-2023-0668.
- wnpa-sec-2023-20 XRA dissector infinite loop. Issue 19100.
The following bugs have been fixed:
- Conversations list has incorrect unit (bytes) in bit speed columns in the 3.7 development versions. Issue 18211.
- The media_type table should treat media types, e.g. application/3gppHal+json, as case-insensitive. Issue 18611.
- NNTP dissector bug. Issue 18981.
- Incorrect padding in BFCP decoder. Issue 18890.
- SPNEGO dissector bug. Issue 18991.
- SRT values are incorrect when applying a time shift. Issue 18999.
- Add warning that capturing is not supported in Wireshark installed from flatpak. Issue 19008.
- Opening Wireshark with -z io,stat option. Issue 19042.
- batadv dissector bug. Issue 19047.
- radiotap-gen build fails if pcap is not found. Issue 19059.
- [UDS] When filtering the uds.wdbi.data_identifier or uds.iocbi.data_identifier field is interpreted as 1 byte whereas it consists of 2 bytes. Issue 19078.
- Wireshark can’t save this capture in that format. Issue 19080.
- MSMMS parsing buffer overflow. Issue 19086.
- USB HID parser shows wrong label for usages Rx/Vx/Vbrx of usage page Generic Desktop Control. Issue 19095.
- “Follow → QUIC Stream” mixes data between streams. Issue 19102.
Updated Protocol Support
batadv, BFCP, CommunityID, COSE, GDSDB, H.265, HTTP, ILP, ISAKMP, MSMMS, NNTP, NR RRC, NTLMSSP, QUIC, RTPS, SPNEGO, Synphasor, TCP, UDS, ULP, USB HID, and XRA
New and Updated Capture File Support
BLF, Candump, NetScaler, and VMS TCPIPtrace