Wednesday, June 19, 2024

Wireshark 4.2.1 Released: What’s New!

Wireshark is a popular open-source network protocol analyzer that allows users to inspect and capture data on a network in real time. 

It enables detailed examination of network traffic for the following purposes:-

  • Troubleshooting
  • Analysis
  • Security purposes
  • Development
  • Education

Several key factors make Wireshark one of the leading network packet analyzers available on the internet, and here below, we have mentioned all the key factors:-

  • Open Source
  • Cross-Platform Compatibility
  • Rich Protocol Support
  • User-Friendly Interface
  • Active Community and Updates
  • Extensive Filtering capabilities
  • Search capabilities
  • Customizable Output
  • Powerful Display Filters
  • Support for Third-Party Extensions
  • Comprehensive Documentation
Free Webinar

Fastrack Compliance: The Path to ZERO-Vulnerability

Compounding the problem are zero-day vulnerabilities like the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that get discovered each month. Delays in fixing these vulnerabilities lead to compliance issues, these delay can be minimized with a unique feature on AppTrana that helps you to get “Zero vulnerability report” within 72 hours.

However, besides this, Wireshark Foundation recently launched a new version of Wireshark, which is Wireshark 4.2.1, that brings multiple bug and vulnerability fixes.

What’s New?

Vulnerability Fixes

Here below, we have mentioned all the vulnerability fixes:-

Bug Fixes

Here below we have mentioned all the bug fixes:-

  • Capture filters not saved to a recently used list. Issue 12918.
  • CFM dissector does not handle Sender ID TLV correctly when Chassis ID Length is zero. Issue 13720.
  • OSS-Fuzz 64290: wireshark:fuzzshark_ip: Global-buffer-overflow in dissect_zcl_read_attr_struct. Issue 19490.
  • Overriding capture options set by preference by command line arguments (like -S) doesn’t work. Issue 14549.
  • Segfault when enabling monitor mode on wireless card that falsely claims to support it. Issue 16693.
  • The documented format of the temporary file name is out of date in the Wireshark User’s Guide. Issue 18464.
  • Selection highlight is lost when the interface list is sorted. Issue 19133.
  • HTTP3 malformed packets. Issue 19475.
  • Capture filter compilation fails with an obscure error message. Issue 19480.
  • XML: Parsing encoding attribute failed when standalone attribute exists. Issue 19485.
  • Display filter expressions where the protocol name starts with a digit and contains a hyphen are rejected. Issue 19489.
  • diameter.3GPP-* display filters not working after upgrade to version 4.2.0. Issue 19493.
  • GigE-vision: Control Protocol shows \”unknown\” as a value for the ASCII character set. Issue 19494.
  • The HTTP/3 Request Header URI is not correct. Issue 19497.
  • QUIC/TLS not extracting \”h3\” from ALPN in a capture. Issue 19503.
  • Documentation on system requirements should be updated. Issue 19512.
  • 4.2.0: init.lua in subdirectories not loaded anymore. Issue 19516.
  • Malformed SIP/SDP messages: components are not decoded properly. Issue 19518.
  • heuristic_protos do not reset on profile swap. Issue 19520.
  • Wireshark 4.2 crashes on Apply As Column. Issue 19521.
  • NFLOG timestamp is incorrect. Issue 19525.
  • Qt6 Crash (Double Free) When Attempting to Save TCP Stream Graph. Issue 19529.
  • Fixed parsing display filter expressions containing literal OID values, e.g. ==

Installation Packages

Here below we have mentioned the complete list of third-party packages that can be found on the official download page of Wireshark:-

  • Windows x64 Installer
  • Windows Arm64 Installer
  • Windows x64 PortableApps®
  • macOS Arm Disk Image
  • macOS Intel Disk Image
  • Source Code

Latest articles

Amtrak Data Breach: Hackers Accessed User’s Email Address

Amtrak notified its customers regarding a significant security breach involving its Amtrak Guest Rewards...

Chrome Security Update – Patch for 6 Vulnerabilities

Google has announced a new update for the Chrome browser, rolling out version 126.0.6478.114/115...

Hackers Weaponize Windows Installer (MSI) Files to Deliver Malware

Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by a threat actor group,...

Hackers Using VPNs To Exploit Restrictions & Steal Mobile Data

Hackers are offering "free" mobile data access on Telegram channels by exploiting loopholes in...

New PhaaS Platform Lets Attackers Bypass Two-Factor Authentication

Several phishing campaign kits have been used widely by threat actors in the past....

Stuxnet, The Malware That Propagates To Air-Gapped Networks

Stuxnet, a complex worm discovered in 2010, targeted Supervisory Control and Data Acquisition (SCADA)...

Threat Actors Claiming Breach of AMD Source Code on Hacking Forums

A threat actor named " IntelBroker " claims to have breached AMD in June...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles