Wireshark is a popular open-source network protocol analyzer that allows users to inspect and capture data on a network in real time.
It enables detailed examination of network traffic for the following purposes:
- Troubleshooting
- Analysis
- Security purposes
- Development
- Education
Several key factors make Wireshark one of the leading network packet analyzers available on the internet:
- Open Source
- Cross-Platform Compatibility
- Rich Protocol Support
- User-Friendly Interface
- Active Community and Updates
- Extensive Filtering capabilities
- Search capabilities
- Customizable Output
- Powerful Display Filters
- Support for Third-Party Extensions
- Comprehensive Documentation
The Wireshark Foundation recently released a new version, Wireshark 4.2.1, which brings multiple bug and vulnerability fixes.
What’s New?
Vulnerability Fixes
The vulnerability fixes are listed below:
- wnpa-sec-2024-01 GVCP dissector crash. Issue 19496. CVE-2024-0208.
- wnpa-sec-2024-02 IEEE 1609.2 dissector crash. Issue 19501. CVE-2024-0209.
- wnpa-sec-2024-03 HTTP3 dissector crash. Issue 19502. CVE-2024-0207.
- wnpa-sec-2024-04 Zigbee TLV dissector crash. Issue 19504. CVE-2024-0210.
- wnpa-sec-2024-05 DOCSIS dissector crash. Issue 19557. CVE-2024-0211.
Bug Fixes
The bug fixes are listed below:
- Capture filters not saved to a recently used list. Issue 12918.
- CFM dissector does not handle Sender ID TLV correctly when Chassis ID Length is zero. Issue 13720.
- OSS-Fuzz 64290: wireshark:fuzzshark_ip: Global-buffer-overflow in dissect_zcl_read_attr_struct. Issue 19490.
- Overriding capture options set by preference by command line arguments (like -S) doesn’t work. Issue 14549.
- Segfault when enabling monitor mode on wireless card that falsely claims to support it. Issue 16693.
- The documented format of the temporary file name is out of date in the Wireshark User’s Guide. Issue 18464.
- Selection highlight is lost when the interface list is sorted. Issue 19133.
- HTTP3 malformed packets. Issue 19475.
- Capture filter compilation fails with an obscure error message. Issue 19480.
- XML: Parsing encoding attribute failed when standalone attribute exists. Issue 19485.
- Display filter expressions where the protocol name starts with a digit and contains a hyphen are rejected. Issue 19489.
- diameter.3GPP-* display filters not working after upgrade to version 4.2.0. Issue 19493.
- GigE-vision: Control Protocol shows “unknown” as a value for the ASCII character set. Issue 19494.
- The HTTP/3 Request Header URI is not correct. Issue 19497.
- QUIC/TLS not extracting “h3” from ALPN in a capture. Issue 19503.
- Documentation on system requirements should be updated. Issue 19512.
- 4.2.0: init.lua in subdirectories not loaded anymore. Issue 19516.
- Malformed SIP/SDP messages: components are not decoded properly. Issue 19518.
- heuristic_protos do not reset on profile swap. Issue 19520.
- Wireshark 4.2 crashes on Apply As Column. Issue 19521.
- NFLOG timestamp is incorrect. Issue 19525.
- Qt6 Crash (Double Free) When Attempting to Save TCP Stream Graph. Issue 19529.
- Fixed parsing display filter expressions containing literal OID values, e.g. snmp.name == 1.3.6.1.2.1.1.3.0.
Installation Packages
Below is the complete list of third-party packages that can be found on the official Wireshark download page:
- Windows x64 Installer
- Windows Arm64 Installer
- Windows x64 PortableApps®
- macOS Arm Disk Image
- macOS Intel Disk Image
- Source Code