Wireshark, One of the world’s most popular network packet analyzers, released Wireshark 4.0.7 with bug fixes, updated protocol support, and enhancements.
Wireshark is an application that captures packets from a network link, like the one between your computer and your home office or the internet.
In a standard Ethernet network, a packet is a data unit that can be sent and received independently. The most widely used packet sniffer in the world is Wireshark.
Wireshark is one of the most popular network security tools to analyze network protocols, including IP, TCP, UDP, HTTP, SSL/TLS, FTP, DNS, DHCP, and many more.
The packet analyzer Wireshark is a crucial tool for organizations of all sizes and types since network administrators and security professionals use it to investigate network traffic and detect vulnerabilities.
Wireshark 4.0.7 Updates
Bugs Patched:
- Crash when (re)loading a capture file after renaming a dfilter macro. Issue 13753.
- Moving a column deselects selected packet and moves to beginning of packet list. Issue 16251.
- If you set the default interface in the preferences, it doesn’t work with TShark. Issue 16593.
- Severe performance issues in Follow → Save As raw workflow. Issue 17313.
- TShark doesn’t support the tab character as an aggregator character in \”-T fields\” Issue 18002.
- On Windows clicking on a link in the ‘Software Update’ window launches, now unsupported, MS Internet Explorer. Issue 18488.
- Wireshark 4.x.x on Win10-x64 crashes after saving a file with a name already in use. Issue 18679.
- NAS-5GS Operator-defined Access Category: Multiple Criteria values not displayed in dissected packet display. Issue 18941.
- Server Hello Packet Invisible – during 802.1x Authentication- from Wireshark App Version 4.0.3 (v4.0.3-0-gc552f74cdc23) & above. Issue 19071.
- TShark reassembled data is incomplete/truncated. Issue 19107.
- CQL protocol parsing issues with
Result
frames from open source Cassandra. Issue 19119. - TLS 1.3 second Key Update doesn’t work. Issue 19120.
- HTTP2 dissector reports an assertion error on large data frames. Issue 19121.
- epan: Single letter hostnames aren’t displayed correctly. Issue 19137.
- BLF: CAN-FD-Message format is missing a field. Issue 19146.
- BLF: last parameter of LIN-Message is not mandatory (BUGFIX) Issue 19147.
- PPP IPv6CP: Incorrect payload length warning. Issue 19149.
- INSTALL file needs to be updated for Debian. Issue 19167.
- Some RTP streams make Wireshark crash when trying to play stream. Issue 19170.
- Wrong ordering in OpenFlow 1.0 Datapath unique ID. Issue 19172.
- Incorrect mask in RTCP slice picture ID. Issue 19182.
- Dissection error in AMQP 1.0. Issue 19191.
Vulnerabilities Addressed:
Wireshark 4.0.7 comes with the fixes for the security issues below:-
- wnpa-sec-2023-21 Kafka dissector crash. Issue 19105.
- wnpa-sec-2023-22 iSCSI dissector crash. Issue 19164.
Updated Protocol Support
9P, AMQP, BGP, CQL, DHCPFO, EAP, GlusterFS, GSM MAP, HTTP2, iSCSI, Kafka, Kerberos, NAN, NAS-5GS, OCP.1, OpenFlow 1.0, PDCP-NR, PEAP, PPPoE, RSL, RTCP, rtnetlink, and XMPP.
For more information on the release, visit the Wireshark 4.0.7 release notes page.
If you’re running Wireshark on macOS and upgraded to macOS 13 from an earlier version, you might have to open and run the “Uninstall ChmodBPF” package, then open and run “Install ChmodBPF” in order to reset the ChmodBPF Launch Daemon. Issue 18734. Wireshark team said.