Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Wireshark 1.10.4 and 1.8.12 are available - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Wireshark 1.10.4 and 1.8.12 are available

Download the relevant updated version from: http://www.wireshark.org/download.html

   The following vulnerabilities have been fixed.
     * [1]wnpa-sec-2013-66
       The SIP dissector could go into an infinite loop.
       Discovered by Alain Botti. ([2]Bug 9388)
       Versions affected: 1.10.0 to 1.10.3, 1.8.0 to 1.8.11
       [3]CVE-2013-7112
     * [4]wnpa-sec-2013-67
       The BSSGP dissector could crash. Discovered by Laurent
       Butti. ([5]Bug 9488)
       Versions affected: 1.10.0 to 1.10.3
       [6]CVE-2013-7113
     * [7]wnpa-sec-2013-68
       The NTLMSSP v2 dissector could crash. Discovered by Garming
       Sam.
       Versions affected: 1.10.0 to 1.10.3, 1.8.0 to 1.8.11
       [8]CVE-2013-7114

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.
My SANS Teaching Schedule

Adrien de Beaupre

353 Posts
ISC Handler
Wireshark has had vulnerability problems for so long I've stopped using it for grabbing pcaps. Anymore, I use tcpdump or windump to capture to a file and then examine the file with Wireshark. At least then it's not running as root.
John

88 Posts
I too use tcpdump for captures, usually in raw format so I loose nothing, then analyze it from the captured file, either with wireshark or other tools, especially one liner scripts hacked for the moment. Besides, since tcpdump is lower overhead, it is faster, and less likely to drop packets on a busy network.
Moriah

133 Posts

Sign Up for Free or Log In to start participating in the conversation!