Categories: CVE/vulnerabilityCyber Security NewsVulnerabilitywhat is New

Wireshark 4.2.1 Released: What’s New!

Wireshark is a popular open-source network protocol analyzer that allows users to inspect and capture data on a network in real time.

It enables detailed examination of network traffic for the following purposes:-

Troubleshooting
Analysis
Security purposes
Development
Education

Several key factors make Wireshark one of the leading network packet analyzers available on the internet, and here below, we have mentioned all the key factors:-

Open Source
Cross-Platform Compatibility
Rich Protocol Support
User-Friendly Interface
Active Community and Updates
Extensive Filtering capabilities
Search capabilities
Customizable Output
Powerful Display Filters
Support for Third-Party Extensions
Comprehensive Documentation

Document

Free Webinar

Fastrack Compliance: The Path to ZERO-Vulnerability

Compounding the problem are zero-day vulnerabilities like the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that get discovered each month. Delays in fixing these vulnerabilities lead to compliance issues, these delay can be minimized with a unique feature on AppTrana that helps you to get “Zero vulnerability report” within 72 hours.

However, besides this, Wireshark Foundation recently launched a new version of Wireshark, which is Wireshark 4.2.1, that brings multiple bug and vulnerability fixes.

What’s New?

Vulnerability Fixes

Here below, we have mentioned all the vulnerability fixes:-

wnpa-sec-2024-01 GVCP dissector crash. Issue 19496. CVE-2024-0208.
wnpa-sec-2024-02 IEEE 1609.2 dissector crash. Issue 19501. CVE-2024-0209.
wnpa-sec-2024-03 HTTP3 dissector crash. Issue 19502. CVE-2024-0207.
wnpa-sec-2024-04 Zigbee TLV dissector crash. Issue 19504. CVE-2024-0210.
wnpa-sec-2024-05 DOCSIS dissector crash. Issue 19557. CVE-2024-0211.

Bug Fixes

Here below we have mentioned all the bug fixes:-

Capture filters not saved to a recently used list. Issue 12918.
CFM dissector does not handle Sender ID TLV correctly when Chassis ID Length is zero. Issue 13720.
OSS-Fuzz 64290: wireshark:fuzzshark_ip: Global-buffer-overflow in dissect_zcl_read_attr_struct. Issue 19490.
Overriding capture options set by preference by command line arguments (like -S) doesn’t work. Issue 14549.
Segfault when enabling monitor mode on wireless card that falsely claims to support it. Issue 16693.
The documented format of the temporary file name is out of date in the Wireshark User’s Guide. Issue 18464.
Selection highlight is lost when the interface list is sorted. Issue 19133.
HTTP3 malformed packets. Issue 19475.
Capture filter compilation fails with an obscure error message. Issue 19480.
XML: Parsing encoding attribute failed when standalone attribute exists. Issue 19485.
Display filter expressions where the protocol name starts with a digit and contains a hyphen are rejected. Issue 19489.
diameter.3GPP-* display filters not working after upgrade to version 4.2.0. Issue 19493.
GigE-vision: Control Protocol shows \”unknown\” as a value for the ASCII character set. Issue 19494.
The HTTP/3 Request Header URI is not correct. Issue 19497.
QUIC/TLS not extracting \”h3\” from ALPN in a capture. Issue 19503.
Documentation on system requirements should be updated. Issue 19512.
4.2.0: init.lua in subdirectories not loaded anymore. Issue 19516.
Malformed SIP/SDP messages: components are not decoded properly. Issue 19518.
heuristic_protos do not reset on profile swap. Issue 19520.
Wireshark 4.2 crashes on Apply As Column. Issue 19521.
NFLOG timestamp is incorrect. Issue 19525.
Qt6 Crash (Double Free) When Attempting to Save TCP Stream Graph. Issue 19529.
Fixed parsing display filter expressions containing literal OID values, e.g. snmp.name == 1.3.6.1.2.1.1.3.0.

Installation Packages

Here below we have mentioned the complete list of third-party packages that can be found on the official download page of Wireshark:-

Windows x64 Installer
Windows Arm64 Installer
Windows x64 PortableApps®
macOS Arm Disk Image
macOS Intel Disk Image
Source Code

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.