Wireshark 4.2.1 Released – What’s New!

   January 4, 2024  Posted in GBHackers


Wireshark is a popular open-source network protocol analyzer that allows users to inspect and capture data on a network in real time. 

It enables detailed examination of network traffic for the following purposes:-

  • Troubleshooting
  • Analysis
  • Security purposes
  • Development
  • Education

Several key factors make Wireshark one of the leading network packet analyzers available on the internet, and here below, we have mentioned all the key factors:-

  • Open Source
  • Cross-Platform Compatibility
  • Rich Protocol Support
  • User-Friendly Interface
  • Active Community and Updates
  • Extensive Filtering capabilities
  • Search capabilities
  • Customizable Output
  • Powerful Display Filters
  • Support for Third-Party Extensions
  • Comprehensive Documentation

Document

Free Webinar

Compounding the problem are zero-day vulnerabilities like the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that get discovered each month. Delays in fixing these vulnerabilities lead to compliance issues, these delay can be minimized with a unique feature on AppTrana that helps you to get “Zero vulnerability report” within 72 hours.

However, besides this, Wireshark Foundation recently launched a new version of Wireshark, which is Wireshark 4.2.1, that brings multiple bug and vulnerability fixes.

What’s New?

Vulnerability Fixes

Here below, we have mentioned all the vulnerability fixes:-

Bug Fixes

Here below we have mentioned all the bug fixes:-

  • Capture filters not saved to a recently used list. Issue 12918.
  • CFM dissector does not handle Sender ID TLV correctly when Chassis ID Length is zero. Issue 13720.
  • OSS-Fuzz 64290: wireshark:fuzzshark_ip: Global-buffer-overflow in dissect_zcl_read_attr_struct. Issue 19490.
  • Overriding capture options set by preference by command line arguments (like -S) doesn’t work. Issue 14549.
  • Segfault when enabling monitor mode on wireless card that falsely claims to support it. Issue 16693.
  • The documented format of the temporary file name is out of date in the Wireshark User’s Guide. Issue 18464.
  • Selection highlight is lost when the interface list is sorted. Issue 19133.
  • HTTP3 malformed packets. Issue 19475.
  • Capture filter compilation fails with an obscure error message. Issue 19480.
  • XML: Parsing encoding attribute failed when standalone attribute exists. Issue 19485.
  • Display filter expressions where the protocol name starts with a digit and contains a hyphen are rejected. Issue 19489.
  • diameter.3GPP-* display filters not working after upgrade to version 4.2.0. Issue 19493.
  • GigE-vision: Control Protocol shows ”unknown” as a value for the ASCII character set. Issue 19494.
  • The HTTP/3 Request Header URI is not correct. Issue 19497.
  • QUIC/TLS not extracting ”h3” from ALPN in a capture. Issue 19503.
  • Documentation on system requirements should be updated. Issue 19512.
  • 4.2.0: init.lua in subdirectories not loaded anymore. Issue 19516.
  • Malformed SIP/SDP messages: components are not decoded properly. Issue 19518.
  • heuristic_protos do not reset on profile swap. Issue 19520.
  • Wireshark 4.2 crashes on Apply As Column. Issue 19521.
  • NFLOG timestamp is incorrect. Issue 19525.
  • Qt6 Crash (Double Free) When Attempting to Save TCP Stream Graph. Issue 19529.
  • Fixed parsing display filter expressions containing literal OID values, e.g. snmp.name == 1.3.6.1.2.1.1.3.0.

Installation Packages

Here below we have mentioned the complete list of third-party packages that can be found on the official download page of Wireshark:-

  • Windows x64 Installer
  • Windows Arm64 Installer
  • Windows x64 PortableApps®
  • macOS Arm Disk Image
  • macOS Intel Disk Image
  • Source Code



Source link