Saturday, December 9, 2023

Wireshark 3.2.3 Released – Fixes for Security Bugs & Update for Bluetooth, pcap, TLs, & Other Protocols

Wireshark 3.2.3 released with a fix for vulnerabilities that results in the BACapp dissector crash and fix for other bugs.

Wireshark is known as the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.

It is used by network administrators to troubleshoot network and by the security, analyst to examine the packets. It is a widely used tool in organizations.

For macOS users with Wireshark 3.2.0, automatic updates may fail, for those versions, it recommended to update later versions manually.

Vulnerability Fixes

An attacker could exploit the vulnerability by injecting a malformed packet onto the network or convincing the administrators to read a malformed packet trace file, results in a BACapp dissector crash.

The vulnerability can be fixed by upgrading to 3.2.3, 3.0.10, 2.6.16 or later.

Updated Protocol & File Support

Following are the protocols updated includes AFS, BACapp, Bluetooth, CoAP, Diameter3GPP, F5 Ethernet trailer, GSM RLC MAC, ISIS, ISIS CLV, ISIS HELLO, ISIS LSP, ISIS SNP, NAS 5GS, NR RRC, pcap, QUIC, RPCAP, RTCP, SOME/IP-SD, TLS, and WSP.

Other Bugs Fixed

  • Add (IETF) QUIC Dissector. Bug 13881.
  • Rename profile name loses list selection. Bug 15966.
  • Dissector bug warning dissecting TLS Certificate Request with many names. Bug 16202.
  • Only ACKs, but no DATA frames are visible in -> TCP Stream Graph -> Time Sequence (tcptrace). Bug 16281.
  • Copy>Description does not work properly for all tree items. Bug 16323.
  • Importing profiles in Windows – zip files fail and from directory crashes Wireshark. Bug 16410.
  • Packet List selection is gone when adding or removing a display filter. Bug 16414.
  • Check for updates, and auto-update, not working in 3.2.1. Bug 16416.
  • f5ethtrailer: TLS trailer creates incorrect CLIENT keylog entries. Bug 16417.
  • Buildbot crash output: randpkt-2020-03-04-18423.pcap. Bug 16424.
  • File open dialog shows garbled time stamps. Bug 16429.
  • RTCP Bye without optional reason reported as [Malformed Packet]. Bug 16434.
  • [oss-fuzz] #20732: Undefined-shift in dissect_rtcp. Bug 16445.
  • SOMEIP: SOME/IP-SD dissector fails to register SOME/IP ports, if IPv6 is being used (BUG). Bug 16448.
  • tshark logs: “…​could not be opened: Too many open files.”. Bug 16457.
  • Typo in About Wireshark > Keyboard Shortcuts > Unignore All Displayed. Bug 16472.
  • Buildbot crash output: randpkt-2020-04-02-31746.pcap. Bug 16477.

The new version can be downloaded from here.

Training Course: Master in Wireshark Network Analysis – Hands-on course provides a complete network analysis Training using Wireshark.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.


Latest articles

WordPress POP Chain Flaw Exposes Over 800M+ Websites to Attack

A critical remote code execution vulnerability has been patched as part of the Wordpress...

Russian Star Blizzard New Evasion Techniques to Hijack Email Accounts

Hackers target email accounts because they contain valuable personal and financial information. Successful email...

Exploitation Methods Used by PlugX Malware Revealed by Splunk Research

PlugX malware is sophisticated in evasion, as it uses the following techniques to avoid...

TA422 Hackers Attack Organizations Using Outlook & WinRAR Vulnerabilities

Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative...

Bluetooth keystroke-injection Flaw: A Threat to Apple, Linux & Android Devices

An unauthenticated Bluetooth keystroke-injection vulnerability that affects Android, macOS, and iOS devices has been...

Atlassian Patches RCE Flaw that Affected Multiple Products

Atlassian has been discovered with four new vulnerabilities associated with Remote Code Execution in...

Reflectiz Introduces AI-powered Insights on Top of Its Smart Alerting System

Reflectiz, a cybersecurity company specializing in continuous web threat management, proudly introduces a new...

Endpoint Strategies for 2024 and beyond

Converge and Defend

What's the pulse of Unified Endpoint Management and Security (UEMS) in Europe? Join us live to uncover the strategies that are defining endpoint security in the region.

Related Articles