Wireshark 1.12.1 has been released and is now available for download. This is a bug-fix release and adds no new features.
Bug fixes
Vulnerability fixes:
wnpa-sec-2014-13
MEGACO dissector infinite loop. (Bug 10333) CVE-2014-6423
wnpa-sec-2014-14
Netflow dissector crash. (Bug 10370) CVE-2014-6424
wnpa-sec-2014-15
CUPS dissector crash. (Bug 10353) CVE-2014-6425
wnpa-sec-2014-16
HIP dissector infinite loop. CVE-2014-6426
wnpa-sec-2014-17
RTSP dissector crash. (Bug 10381) CVE-2014-6427
wnpa-sec-2014-18
SES dissector crash. (Bug 10454) CVE-2014-6428
wnpa-sec-2014-19
Sniffer file parser crash. (Bug 10461) CVE-2014-6429, CVE-2014-6430, CVE-2014-6431, CVE-2014-6432
Bug fixes:
Wireshark can crash during remote capture (rpcap) configuration. (Bug 3554, Bug 6922, Bug 7021)
802.11 capture does not decrypt/decode DHCP response. (Bug 8734)
Extra quotes around date fields (FT_ABSOLUTE_TIME) when using -E quote=d or s. (Bug 10213)
No progress line in "VOIP RTP Player". (Bug 10307)
MIPv6 Service Selection Identifier parse error. (Bug 10323)
Probably wrong length check in proto_item_set_end. (Bug 10329)
802.11 BA sequence number decode is broken. (Bug 10334)
wmem_alloc_array() "succeeds" (and clobbers memory) when requested to allocate 0xaaaaaaaa items of size 12. (Bug 10343)
Different dissection results for same file. (Bug 10348)
Mergecap wildcard breaks in version 1.12.0. (Bug 10354)
Diameter TCP reassemble. (Bug 10362)
TRILL NLPID 0xc0 unknown to Wireshark. (Bug 10382)
BTLE advertising header flags (RxAdd/TxAdd) dissected incorrectly. (Bug 10384)
Ethernet OAM (CFM) frames including TLV’s are wrongly decoded as malformed. (Bug 10385)
BGP4: Wireshark skipped some portion of AS_PATH. (Bug 10399)
MAC address name resolution is broken. (Bug 10344)
Wrong decoding of RPKI RTR End of Data PDU. (Bug 10411)
SSL/TLS dissector incorrectly interprets length for status_request_v2 hello extension. (Bug 10416)
Misparsed NTP control assignments with empty values. (Bug 10417)
6LoWPAN multicast address decompression problems. (Bug 10426)
Netflow v9 flowset not decoded if options template has zero-length scope section. (Bug 10432)
GUI Hangs when Selecting Path to GeoIP Files. (Bug 10434)
AX.25 dissector prints unprintable characters. (Bug 10439)
6LoWPAN context handling not working. (Bug 10443)
SIP: When export to a CSV, Info is changed to differ. (Bug 10453)
Typo in packet-netflow.c. (Bug 10458)
Incorrect MPEG-TS decoding (OPCR field). (Bug 10446)
Updated protocol support
6LoWPAN, A21, ACR122, Art-Net, AX.25, BGP, BTLE, CAPWAP, DIAMETER, DICOM, DVB-CI, Ethernet OAM, HIP, HiSLIP, HTTP2, IEEE 802.11, MAUSB, MEGACO, MIPv6, MP2T, Netflow, NTP, openSAFETY, OSI, RDM, RPKI RTR, RTSP, SES, SIP, TLS, and Token Ring MAC
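See the release notes for more details.
Wireshark (formerly Ethereal) is a network packet analyzer. A network packet analyzer captures network packets and displays the packet data in as much detail as possible.
A network packet analyzer can be thought of as the equivalent of "an electrician using a meter to measure current, voltage and resistance", only with the scene moved to the network and the electrical wire replaced by network cable. In the past, network packet analyzers were very expensive or were proprietary commercial software. The arrival of Ethereal changed all that. Under the protection of the GNU GPL, users can obtain the software and its source code free of charge and have the right to modify and customize that source code. Ethereal is one of the most widely used network packet analyzers in the world today.
Network administrators use Wireshark to troubleshoot network problems, network security engineers use it to examine information-security issues, developers use it to debug new communication protocols, and ordinary users use it to learn about network protocols. Of course, some people also use it with ulterior motives to look for sensitive information...
Wireshark is not intrusion detection software (IDS). Wireshark does not raise alerts or any other notification about anomalous traffic on the network. However, careful analysis of the packets Wireshark captures can give users a clearer understanding of network behaviour. Wireshark does not modify the contents of network packets; it only reflects the packet information currently in transit. Wireshark itself also does not send packets onto the network.
Software details: https://www.wireshark.org/docs/relnotes/wireshark-1.12.1.html
Download: https://www.wireshark.org/download.html
Source: Open Source China community (开源中国社区)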

