Thursday, March 28, 2024

Wireshark 3.6.1 Released – What’s New!!

Wireshark 3.6.1, a new version of the free, open-source packet analyzer, has been released recently with several fixes and new addons.

Wireshark is one of the world’s most widely used network protocol analyzers, and it is used for several purposes. What about its compatibility?

With individual downloads for 32-bit and 64-bit versions of the operating systems, the Wireshark network protocol analyzer is compatible with all the major platforms:-

  • Windows
  • Linux
  • macOS

Wireshark is primarily used for the following things:-

  • Analysis
  • Troubleshooting
  • Education 
  • Development

Wireshark 3.6.1 – What’s New?

In this latest release, there is only one new change, and it concerns the following:-

  • The ‘console.log.level’ preference was removed in Wireshark 3.6.0.

This release adds an ‘-o console.log.level:’ backward-compatibility option on the CLI that maps to the new logging subsystem. It is only a transition mechanism for users, and the foundation will remove it in the near future.

Vulnerability & Bug Fixes

Several vulnerabilities were fixed in this new release, and here’s the list:-

  • wnpa-sec-2021-17 RTMPT dissector infinite loop. Issue 17745. CVE-2021-4185.
  • wnpa-sec-2021-18 BitTorrent DHT dissector infinite loop. Issue 17754. CVE-2021-4184.
  • wnpa-sec-2021-19 pcapng file parser crash. Issue 17755. CVE-2021-4183.
  • wnpa-sec-2021-20 RFC 7468 file parser infinite loop. Issue 17801. CVE-2021-4182.
  • wnpa-sec-2021-21 Sysdig Event dissector crash. CVE-2021-4181.
  • wnpa-sec-2021-22 Kafka dissector infinite loop. Issue 17811. 

Several bugs were also fixed in this new release, and here they are:-

  • Allow sub-second timestamps in hexdumps. Issue 15562.
  • GRPC: An unnecessary empty Protobuf tree item is displayed if the GRPC message body length is 0. Issue 17675.
  • Can’t install “ChmodBPF.pkg” or “Add Wireshark to the system path.pkg” on M1 MacBook Air Monterey without Rosetta 2. Issue 17757.
  • TECMP: LIN Payload is cut off by 1 byte. Issue 17760.
  • Wireshark crashes if a 64 bit field of type BASE_CUSTOM is applied as a column. Issue 17762.
  • Command line option “-o console.log.level” causes wireshark and tshark to exit on start. Issue 17763.
  • Setting WIRESHARK_LOG_LEVEL=debug breaks interface capture. Issue 17764.
  • Unable to build without tshark. Issue 17766.
  • IEEE 802.11 action frames are not getting parsed and always seen as malformed. Issue 17767.
  • IEC 60870-5-101 link address field is 1 byte, but should have configurable length of 0, 1 or 2 bytes. Issue 17775.
  • dfilter: ‘tcp.port not in {1}’ crashes Wireshark. Issue 17785.

Updated Protocol Support

Here’s the list of updated protocols:-

  • ANSI A I/F
  • AT
  • BitTorrent DHT
  • FF
  • GRPC
  • IEC 101/104
  • IEEE 802.11
  • IEEE 802.11 Radiotap
  • IPsec
  • Kafka
  • QUIC
  • RTMPT
  • RTSP
  • SRVLOC
  • Sysdig Event
  • TECMP

New and Updated Capture File Support

Here’s the list of new and updated capture file support:-

  • BLF
  • RFC 7468

Vendor-supplied Packages

Since Linux and Unix vendors mostly supply their own Wireshark packages, one can use the vendor’s package management system to install or upgrade Wireshark to the latest available version.

However, on the download page on the official website of Wireshark, a list of third-party packages is available, from which users can download according to their needs.

This new version of Wireshark has many features and also fixes the many bugs mentioned above, so users must update their Wireshark as soon as possible for better performance.

The new version can be downloaded from here.
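A quick way to check whether a host still runs a build older than 3.6.1 is sketched below. This is an added example, not code from the Wireshark project; the function names are hypothetical, and it assumes the first line of `tshark --version` carries an X.Y.Z version number. Because vendor packages can carry fixes under an older version number, an "outdated" result is a prompt to check the vendor's advisory, not proof that the fixes are missing.

```sh
#!/bin/sh
# Added example: flag Wireshark/TShark builds that sort before 3.6.1,
# the release this page says fixes wnpa-sec-2021-17 through -22.

FIXED_VERSION="3.6.1"

# Extract the first X.Y.Z version from the first line of a version banner.
ws_banner_version() {
    printf '%s\n' "$1" |
        sed -n '1s/^[^0-9]*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*$/\1/p'
}

# Return 0 when version $1 is strictly older than version $2.
# Components are compared numerically, so 3.10.x sorts after 3.6.x.
ws_version_lt() {
    lt_a=$1
    lt_b=$2
    for lt_i in 1 2 3; do
        lt_x=${lt_a%%.*}
        lt_y=${lt_b%%.*}
        [ "$lt_x" -lt "$lt_y" ] && return 0
        [ "$lt_x" -gt "$lt_y" ] && return 1
        lt_a=${lt_a#*.}
        lt_b=${lt_b#*.}
    done
    return 1    # equal versions are not "older"
}

# Print "outdated", "current" or "unknown" for a version banner.
ws_status() {
    st_v=$(ws_banner_version "$1")
    if [ -z "$st_v" ]; then
        echo unknown
    elif ws_version_lt "$st_v" "$FIXED_VERSION"; then
        echo outdated
    else
        echo current
    fi
}

# Use the installed tshark when present, otherwise a constructed sample banner.
if command -v tshark >/dev/null 2>&1; then
    banner=$(tshark --version 2>/dev/null | head -n 1)
else
    banner="TShark (Wireshark) 3.6.0 (constructed sample banner)"
fi
echo "$(ws_status "$banner"): $banner"
```
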

Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.
