Wireshark 4.2.1 Released: What’s New!

Wireshark is a popular open-source network protocol analyzer that allows users to inspect and capture data on a network in real time. 

It enables detailed examination of network traffic for the following purposes:-

• Troubleshooting
• Analysis
• Security purposes
• Development
• Education

Several key factors make Wireshark one of the leading network packet analyzers available on the internet, and here below, we have mentioned all the key factors:-

• Open Source
• Cross-Platform Compatibility
• Rich Protocol Support
• User-Friendly Interface
• Active Community and Updates
• Extensive Filtering capabilities
• Search capabilities
• Customizable Output
• Powerful Display Filters
• Support for Third-Party Extensions
• Comprehensive Documentation

Free Webinar

Fastrack Compliance: The Path to ZERO-Vulnerability

Compounding the problem are zero-day vulnerabilities like the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that get discovered each month. Delays in fixing these vulnerabilities lead to compliance issues, these delay can be minimized with a unique feature on AppTrana that helps you to get “Zero vulnerability report” within 72 hours.

Register for Free

However, besides this, Wireshark Foundation recently launched a new version of Wireshark, which is Wireshark 4.2.1, that brings multiple bug and vulnerability fixes.

What’s New?

Vulnerability Fixes

Here below, we have mentioned all the vulnerability fixes:-

• wnpa-sec-2024-01 GVCP dissector crash. Issue 19496. CVE-2024-0208.
• wnpa-sec-2024-02 IEEE 1609.2 dissector crash. Issue 19501. CVE-2024-0209.
• wnpa-sec-2024-03 HTTP3 dissector crash. Issue 19502. CVE-2024-0207.
• wnpa-sec-2024-04 Zigbee TLV dissector crash. Issue 19504. CVE-2024-0210.
• wnpa-sec-2024-05 DOCSIS dissector crash. Issue 19557. CVE-2024-0211.

Bug Fixes

Here below we have mentioned all the bug fixes:-

• Capture filters not saved to a recently used list. Issue 12918.
• CFM dissector does not handle Sender ID TLV correctly when Chassis ID Length is zero. Issue 13720.
• OSS-Fuzz 64290: wireshark:fuzzshark_ip: Global-buffer-overflow in dissect_zcl_read_attr_struct. Issue 19490.
• Overriding capture options set by preference by command line arguments (like -S) doesn’t work. Issue 14549.
• Segfault when enabling monitor mode on wireless card that falsely claims to support it. Issue 16693.
• The documented format of the temporary file name is out of date in the Wireshark User’s Guide. Issue 18464.
• Selection highlight is lost when the interface list is sorted. Issue 19133.
• HTTP3 malformed packets. Issue 19475.
• Capture filter compilation fails with an obscure error message. Issue 19480.
• XML: Parsing encoding attribute failed when standalone attribute exists. Issue 19485.
• Display filter expressions where the protocol name starts with a digit and contains a hyphen are rejected. Issue 19489.
• diameter.3GPP-* display filters not working after upgrade to version 4.2.0. Issue 19493.
• GigE-vision: Control Protocol shows \”unknown\” as a value for the ASCII character set. Issue 19494.
• The HTTP/3 Request Header URI is not correct. Issue 19497.
• QUIC/TLS not extracting \”h3\” from ALPN in a capture. Issue 19503.
• Documentation on system requirements should be updated. Issue 19512.
• 4.2.0: init.lua in subdirectories not loaded anymore. Issue 19516.
• Malformed SIP/SDP messages: components are not decoded properly. Issue 19518.
• heuristic_protos do not reset on profile swap. Issue 19520.
• Wireshark 4.2 crashes on Apply As Column. Issue 19521.
• NFLOG timestamp is incorrect. Issue 19525.
• Qt6 Crash (Double Free) When Attempting to Save TCP Stream Graph. Issue 19529.
• Fixed parsing display filter expressions containing literal OID values, e.g. snmp.name == 1.3.6.1.2.1.1.3.0.

Installation Packages

Here below we have mentioned the complete list of third-party packages that can be found on the official download page of Wireshark:-

• Windows x64 Installer
• Windows Arm64 Installer
• Windows x64 PortableApps®
• macOS Arm Disk Image
• macOS Intel Disk Image
• Source Code