
Wireshark 3.6.1 Released – What’s New!!

Wireshark 3.6.1, a new version of the free, open-source packet analyzer, has been released recently with several fixes and new add-ons.

Wireshark is one of the world’s most widely used network protocol analyzers and serves several purposes. What about its compatibility?

With individual downloads for 32-bit and 64-bit versions of the operating systems, the Wireshark network protocol analyzer is compatible with all the major platforms like:-

  • Windows
  • Linux
  • macOS

Wireshark is primarily used for the following things:-

  • Analysis
  • Troubleshooting
  • Education
  • Development

Wireshark 3.6.1 – What’s New?

In this latest release, only one new thing has been updated, and it’s:-

  • The ‘console.log.level’ preference was removed in Wireshark 3.6.0.

This release adds a ‘-o console.log.level:’ backward-compatibility option on the CLI that maps to the new logging subsystem. It is just a transition mechanism for users, and the foundation will remove it in the near future.

Vulnerability & Bug Fixes

In this new release several vulnerabilities were fixed, and here’s the list of fixed vulnerabilities:-

  • wnpa-sec-2021-17 RTMPT dissector infinite loop. Issue 17745. CVE-2021-4185.
  • wnpa-sec-2021-18 BitTorrent DHT dissector infinite loop. Issue 17754. CVE-2021-4184.
  • wnpa-sec-2021-19 pcapng file parser crash. Issue 17755. CVE-2021-4183.
  • wnpa-sec-2021-20 RFC 7468 file parser infinite loop. Issue 17801. CVE-2021-4182.
  • wnpa-sec-2021-21 Sysdig Event dissector crash. CVE-2021-4181.
  • wnpa-sec-2021-22 Kafka dissector infinite loop. Issue 17811.

In this new release several bugs were fixed and here they are:-

  • Allow sub-second timestamps in hexdumps. Issue 15562.
  • GRPC: An unnecessary empty Protobuf tree item is displayed if the GRPC message body length is 0. Issue 17675.
  • Can’t install “ChmodBPF.pkg” or “Add Wireshark to the system path.pkg” on M1 MacBook Air Monterey without Rosetta 2. Issue 17757.
  • TECMP: LIN Payload is cut off by 1 byte. Issue 17760.
  • Wireshark crashes if a 64 bit field of type BASE_CUSTOM is applied as a column. Issue 17762.
  • Command line option “-o console.log.level” causes wireshark and tshark to exit on start. Issue 17763.
  • Setting WIRESHARK_LOG_LEVEL=debug breaks interface capture. Issue 17764.
  • Unable to build without tshark. Issue 17766.
  • IEEE 802.11 action frames are not getting parsed and always seen as malformed. Issue 17767.
  • IEC 60870-5-101 link address field is 1 byte, but should have configurable length of 0, 1 or 2 bytes. Issue 17775.
  • dfilter: ‘tcp.port not in {1}’ crashes Wireshark. Issue 17785.

Updated Protocol Support

Here’s the list of updated protocols:-

  • ANSI A I/F
  • AT
  • BitTorrent DHT
  • FF
  • GRPC
  • IEC 101/104
  • IEEE 802.11
  • IEEE 802.11 Radiotap
  • IPsec
  • Kafka
  • QUIC
  • RTMPT
  • RTSP
  • SRVLOC
  • Sysdig Event
  • TECMP

New and Updated Capture File Support

Here’s the list of new and updated capture file support:-

  • BLF
  • RFC 7468

Vendor-supplied Packages

Since Linux and Unix vendors mostly supply their own Wireshark packages, one can use the platform’s package management system to install or upgrade Wireshark to the latest available version.

However, on the download page on the official website of Wireshark, a list of third-party packages is available, from which users can download according to their needs.

This new version of Wireshark has many features and also fixes the many bugs mentioned above, so users must update their Wireshark as soon as possible for better performance.
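A host can be checked against this release from the shell. The script below is an added example, not code from the Wireshark project: it classifies a `tshark --version` banner against 3.6.1 and counts uses of the transitional `-o console.log.level` option in automation scripts. The function names, the sample banner and the sample script text are constructed for illustration, and the comparison covers only the 3.6.1 release named in this article.

```shell
#!/bin/sh
# Added example: triage a host against the Wireshark 3.6.1 release.
FIXED="3.6.1"   # release the article names as carrying the fixes

# Extract "X.Y.Z" from the first line of `tshark --version` output.
parse_version() {
    printf '%s\n' "$1" |
        sed -n '1s/.*(Wireshark) \([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p'
}

# Return 0 if version $1 is older than $2 (numeric compare, field by field).
version_lt() {
    [ "$1" = "$2" ] && return 1
    oldest=$(printf '%s\n%s\n' "$1" "$2" |
        sort -t. -k1,1n -k2,2n -k3,3n | head -n 1)
    [ "$oldest" = "$1" ]
}

# Classify a version banner: needs-update, ok, or unknown (unparseable).
classify() {
    v=$(parse_version "$1")
    [ -n "$v" ] || { echo unknown; return; }
    if version_lt "$v" "$FIXED"; then echo needs-update; else echo ok; fi
}

# Count lines of script text ($1) that still pass the transitional option,
# which the article says will be removed in the future.
count_legacy_option() {
    printf '%s\n' "$1" | grep -c -e '-o[[:space:]]*console\.log\.level' || true
}

# Constructed sample inputs (not captured from a real host).
SAMPLE_BANNER='TShark (Wireshark) 3.6.0 (v3.6.0-0-gconstructed)'
SAMPLE_SCRIPT='tshark -r in.pcapng -o console.log.level:252 -Y dns
tshark -r in.pcapng -Y "tcp.port == 443"'

echo "sample host: $(classify "$SAMPLE_BANNER")"
echo "legacy option uses: $(count_legacy_option "$SAMPLE_SCRIPT")"
```

On a real host, pass the live banner with `classify "$(tshark --version)"` and the contents of each automation script to `count_legacy_option`.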

The new version can be downloaded from here.


Balaji
