Wednesday, December 6, 2023

Wireshark 3.6.1 Released – What’s New!!

Wireshark 3.6.1, a new version of the free, open-source packet analyzer, has been released recently with several fixes and new add-ons.

Wireshark is one of the world’s most widely used network protocol analyzers and is used for several purposes. What about its compatibility?

With individual downloads for 32-bit and 64-bit versions of the operating systems, the Wireshark network protocol analyzer is compatible with all the major platforms, such as:

  • Windows
  • Linux
  • macOS

Wireshark is primarily used for the following:

  • Analysis
  • Troubleshooting
  • Education 
  • Development

Wireshark 3.6.1 – What’s New?

In this latest release, only one new thing has been updated:

  • The ‘console.log.level’ preference was removed in Wireshark 3.6.0.

This release adds an ‘-o console.log.level:’ backward-compatibility option on the CLI that maps to the new logging subsystem. The foundation will remove it in the near future, since it is just a transition mechanism for users.

Vulnerability & Bug Fixes

Several vulnerabilities were fixed in this new release. Here is the list:

  • wnpa-sec-2021-17 RTMPT dissector infinite loop. Issue 17745. CVE-2021-4185.
  • wnpa-sec-2021-18 BitTorrent DHT dissector infinite loop. Issue 17754. CVE-2021-4184.
  • wnpa-sec-2021-19 pcapng file parser crash. Issue 17755. CVE-2021-4183.
  • wnpa-sec-2021-20 RFC 7468 file parser infinite loop. Issue 17801. CVE-2021-4182.
  • wnpa-sec-2021-21 Sysdig Event dissector crash. CVE-2021-4181.
  • wnpa-sec-2021-22 Kafka dissector infinite loop. Issue 17811. 

Several bugs were also fixed in this new release:

  • Allow sub-second timestamps in hexdumps Issue 15562.
  • GRPC: An unnecessary empty Protobuf tree item is displayed if the GRPC message body length is 0 Issue 17675.
  • Can’t install “ChmodBPF.pkg” or “Add Wireshark to the system path.pkg” on M1 MacBook Air Monterey without Rosetta 2 Issue 17757.
  • TECMP: LIN Payload is cut off by 1 byte Issue 17760.
  • Wireshark crashes if a 64 bit field of type BASE_CUSTOM is applied as a column Issue 17762.
  • Command line option “-o console.log.level” causes wireshark and tshark to exit on start Issue 17763.
  • Setting WIRESHARK_LOG_LEVEL=debug breaks interface capture Issue 17764.
  • Unable to build without tshark Issue 17766.
  • IEEE 802.11 action frames are not getting parsed and always seen as malformed Issue 17767.
  • IEC 60870-5-101 link address field is 1 byte, but should have configurable length of 0,1 or 2 bytes Issue 17775.
  • dfilter: ‘tcp.port not in {1}’ crashes Wireshark Issue 17785.

Updated Protocol Support

Here’s the list of updated protocols:

  • ANSI A I/F
  • AT
  • BitTorrent DHT
  • FF
  • GRPC
  • IEC 101/104
  • IEEE 802.11
  • IEEE 802.11 Radiotap
  • IPsec
  • Kafka
  • QUIC
  • RTMPT
  • RTSP
  • SRVLOC
  • Sysdig Event
  • TECMP

New and Updated Capture File Support

Here’s the list of new and updated capture file support:

  • BLF
  • RFC 7468

Vendor-supplied Packages

Since Linux and Unix vendors mostly supply their own Wireshark packages, one can use the platform’s package management system to install or upgrade Wireshark to the latest available version.

However, the download page on the official Wireshark website lists third-party packages, which users can download according to their needs.

This new version of Wireshark has many features and also fixes the many bugs mentioned above, so users must update Wireshark as soon as possible for better performance.

The new version can be downloaded from here.

Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.
