Several bugs fixed in the Wireshark and TShark network tools

The new version 1.0.1 of the Wireshark network analysis tool and its command line variant TShark, remedy a number of security problems. Bugs in previous versions in the analysis modules for GSM messages, PANA, KISMET, and RTMPT packets as well as syslog messages, made it possible for attackers to crash the program. According to the developer advisory, the RMI module would even reveal some contents of the RAM to attackers.

Advertisement

The advisory states that the vulnerabilities are also present in Ethereal. Up to version 0.99, Ethereal was the original name of the Wireshark project. For users that cannot update to the newest version, the developers recommend deactivating the affected module.

See also:

• Multiple problems in Wireshark versions 0.9.5 to 1.0.0, security advisory.

(trk)