Mar 02, 2011 - 7:15 a.m.

Wireshark 1.4.4 Latest Version Released!

The Hacker News
thehackernews.com

CVSS2: 6.8 Medium (AV:N/AC:M/Au:N/C:P/I:P/A:P)

- Access Vector: NETWORK
- Access Complexity: MEDIUM
- Authentication: NONE
- Confidentiality Impact: PARTIAL
- Integrity Impact: PARTIAL
- Availability Impact: PARTIAL

EPSS: 0.045 Low (Percentile: 91.2%)

**What is Wireshark?** Wireshark is the world's most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education.


**What's New**

**Bug Fixes**

The following vulnerabilities have been fixed. See the security advisory for details and a workaround.

- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that Wireshark could free an uninitialized pointer while reading a malformed pcap-ng file. (Bug 5652) Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. CVE-2011-0538
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a large packet length in a pcap-ng file could crash Wireshark. (Bug 5661) Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.
- Wireshark could overflow a buffer while reading a Nokia DCT3 trace file. (Bug 5661) Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. CVE-2011-0713
- Paul Makowski working for SEI/CERT discovered that Wireshark on 32 bit systems could crash while reading a malformed 6LoWPAN packet. (Bug 5661) Versions affected: 1.4.0 to 1.4.3.
- joernchen of Phenoelit discovered that the LDAP and SMB dissectors could overflow the stack. (Bug 5717) Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. (Prior versions including 1.0.x are also affected.)
- Xiaopeng Zhang of Fortinet's Fortiguard Labs discovered that large LDAP Filter strings can consume excessive amounts of memory. (Bug 5732) Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. (Prior versions including 1.0.x are also affected.)

**The following bugs have been fixed:**

- A TCP stream would not always be recognized as the same stream. (Bug 2907)
- Wireshark Crashing by pressing 2 Buttons. (Bug 4645)
- A crash can occur in the NTLMSSP dissector. (Bug 5157)
- The column texts from a Lua dissector could be mangled. (Bug 5326) (Bug 5630)
- Corrections to ANSI MAP ASN.1 specifications. (Bug 5584)
- When searching in packet bytes, the field and bytes are not immediately shown. (Bug 5585)
- Malformed Packet: ULP reported when dissecting ULP SessionID PDU. (Bug 5593)
- Wrong IEI in container of decode_gtp_mm_cntxt. (Bug 5598)
- Display filter does not work for expressions of type BASE_DEC, BASE_DEC_HEX and BASE_HEX_DEC. (Bug 5606)
- NTLMSSP dissector may fail to compile due to space embedded in C comment delimiters. (Bug 5614)
- Allow for name resolution of link-scope and multicast IPv6 addresses from local host file. (Bug 5615)
- DHCPv6 dissector formats DUID_LLT time incorrectly. (Bug 5627)
- Allow for IEEE 802.3bc-2009 style PoE TLVs. (Bug 5639)
- Various fixes to the HIP packet dissector. (Bug 5646)
- Display "Day of Year" for January 1 as 1, not 0. (Bug 5653)
- Accommodate the CMake build on Ubuntu 10.10. (Bug 5665)
- E.212 MCC 260 Poland update according to local national regulatory. (Bug 5668)
- IPP on ports other than 631 not recognized. (Bug 5677)
- Potential access violation when writing to LANalyzer files. (Bug 5698)
- IEEE 802.15.4 Superframe Specification - Final CAP Slot always 0. (Bug 5700)
- Peer SRC and DST AS numbers are swapped for cflow. (Bug 5702)
- dumpcap: -q option behavior doesn't match documentation. (Bug 5716)

**New and Updated Features**

There are no new features in this release.

**New Protocol Support**

There are no new protocols in this release.



**Updated Protocol Support**

ANSI MAP, BitTorrent, DCM, DHCPv6, DTAP, DTPT, E.212, GSM Management, GTP, HIP, IEEE 802.15.4, IPP, LDAP, LLDP, Netflow, NTLMSSP, P_Mul, Quake, Skinny, SMB, SNMP, ULP



**New and Updated Capture File Support**

LANalyzer, Nokia DCT3, Pcap-ng

**Getting Wireshark**

Wireshark source code and installation packages are available from <https://www.wireshark.org/download.html>.
