2010年8月31日

[installer 2488] wireshark-1.0.16, 1.2.11, 1.4.0

wireshark-1.0.16, 1.2.11, 1.4.0 出ています。

最近話題の DLL ハイジャック対策が含まれているようです。
http://www.wireshark.org/security/wnpa-sec-2010-09.html
http://www.wireshark.org/security/wnpa-sec-2010-10.html
参照のこと。

☆ wireshark-1.0.16

http://www.wireshark.org/
http://www.wireshark.org/download.html
http://sourceforge.net/projects/wireshark/
http://sourceforge.net/projects/wireshark/files/

What's New

Bug Fixes

The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.

o Wireshark is vulnerable to DLL hijacking as described in
Microsoft Security Advisory 2269637. This problem is fully
fixed on Windows XP SP1 and later. It is partially fixed on
Windows 2000 and XP without services packs. We expect to
address those platforms in future releases. If you are running
Wireshark on Windows 2000 or XP we recommend that you only
open capture files within Wireshark. (Bug 5133)

Versions affected: All previous Windows versions up to and
including 1.0.15 and 1.2.10.

CVE-2010-3133

New and Updated Features

There are no new or updated features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

There are no updated protocols in this release.

New and Updated Capture File Support

There is no new or updated capture file support.


☆ wireshark-1.2.11
http://www.wireshark.org/
http://www.wireshark.org/download.html
http://sourceforge.net/projects/wireshark/
http://sourceforge.net/projects/wireshark/files/

What's New

Bug Fixes

The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.

o Wireshark is vulnerable to DLL hijacking as described in
Microsoft Security Advisory 2269637. This problem is fully
fixed on Windows XP SP1 and later. It is partially fixed on
Windows 2000 and XP without services packs. We expect to
address those platforms in future releases. If you are running
Wireshark on Windows 2000 or XP we recommend that you only
open capture files within Wireshark. (Bug 5133)

Versions affected: All previous Windows versions up to and
including 1.0.15 and 1.2.10.

CVE-2010-3133

The following bugs have been fixed:

o The RTSP dissector could crash. (Bug 5081)

o TShark could crash when generating PostScript速. (Bug 5148)

New and Updated Features

There are no new features in this release.

New Protocol Support

There are no new protocols in this release.

Updated Protocol Support

BOOTP/DHCP, H.264, IP, RTSP, SCTP, SDP, SMB, SMB2

Updated Capture File Support

There are no new or updated capture file formats in this release.


☆ wireshark-1.4.0
http://www.wireshark.org/
http://www.wireshark.org/download.html
http://sourceforge.net/projects/wireshark/
http://sourceforge.net/projects/wireshark/files/

What's New

Bug Fixes

The following bugs have been fixed:

o Update time display in background. (Bug 1275)

o Wireshark is unresponsive when capturing from named pipes on
Windows. (Bug 1759)

o Tshark returns 0 even with an invalid interface or capture
filter. (Bug 4735)

New and Updated Features

The following features are new (or have been significantly
updated) since version 1.2:

o The packet list internals have been rewritten and are now more
efficient.

o Columns are easier to use. You can add a protocol field as a
column by right-clicking on its packet detail item, and you
can adjust some column preferences by right-clicking the
column header.

o Preliminary Python scripting support has been added.

o Many memory leaks have been fixed.

o Wireshark 1.4 does not support Windows 2000. Please use
Wireshark 1.2 or 1.0 on those systems.

o Packets can now be ignored (excluded from dissection), similar
to the way they can be marked.

o Manual IP address resolution is now supported.

o Columns with seconds can now be displayed as hours, minutes
and seconds.

o You can now set the capture buffer size on UNIX and Linux if
you have libpcap 1.0.0 or greater.

o TShark no longer needs elevated privileges on UNIX or Linux to
list interfaces. Only dumpcap requires privileges now.

o Wireshark and TShark can enable 802.11 monitor mode directly
if you have libpcap 1.0.0 or greater.

o You can play RTP streams directly from the RTP Analysis
window.

o Capinfos and editcap now respectively support time order
checking and forcing.

o Wireshark now has a "jump to timestamp" command-line option.

o You can open JPEG files directly in Wireshark.

New Protocol Support

3GPP Nb Interface RTP Multiplex, Access Node Control Protocol,
Apple Network-MIDI Session Protocol, ARUBA encapsulated remote
mirroring, Assa Abloy R3, Asynchronous Transfer Mode, B.A.T.M.A.N.
Advanced Protocol, Bluetooth AMP Packet, Bluetooth OBEX, Bundle
Protocol, CIP Class Generic, CIP Connection Configuration Object,
CIP Connection Manager, CIP Message Router, collectd network data,
Control And Provisioning of Wireless Access Points, Controller
Area Network, Device Level Ring, DOCSIS Bonded Initial Ranging
Message, Dropbox LAN sync Discovery Protocol, Dropbox LAN sync
Protocol, DTN TCP Convergence Layer Protocol, EtherCAT Switch
Link, Fibre Channel Delimiters, File Replication Service DFS-R,
Gateway Load Balancing Protocol, Gigamon Header, GigE Vision
Control Protocol, Git Smart Protocol, GSM over IP ip.access CCM
sub-protocol, GSM over IP protocol as used by ip.access, GSM
Radiotap, HI2Operations, Host Identity Protocol, HP encapsulated
remote mirroring, HP NIC Teaming Heartbeat, IEC61850 Sampled
Values, IEEE 1722 Protocol, InfiniBand Link, Interlink Protocol,
IPv6 over IEEE 802.15.4, ISO 10035-1 OSI Connectionless
Association Control Service, ISO 9548-1 OSI Connectionless Session
Protocol, ISO 9576-1 OSI Connectionless Presentation Protocol,
ITU-T Q.708 ISPC Analysis, Juniper Packet Mirror, Licklider
Transmission Protocol, MPLS PW ATM AAL5 CPCS-SDU mode
encapsulation, MPLS PW ATM Cell Header, MPLS PW ATM Control Word,
MPLS PW ATM N-to-One encapsulation, no CW, MPLS PW ATM N-to-One
encapsulation, with CW, MPLS PW ATM One-to-One or AAL5 PDU
encapsulation, Multiple Stream Reservation Protocol, NetPerfMeter
Protocol, NetScaler Trace, NexusWare C7 MTP, NSN FLIP, OMRON FINS
Protocol, packetbb Protocol, Peer Network Resolution Protocol,
PKIX Attribute Certificate, Pseudowire Padding, Server/Application
State Protocol, Solaris IPNET, TN3270 Protocol, TN5250 Protocol,
TRILL, Twisted Banana, UMTS FP Hint, UMTS MAC, UMTS Metadata, UMTS
RLC, USB HID, USB HUB, UTRAN Iuh interface HNBAP signalling, UTRAN
Iuh interface RUA signalling, V5.2, Vendor Specific Control
Protocol, Vendor Specific Network Protocol, VMware Lab Manager,
VXI-11 Asynchronous Abort, VXI-11 Core Protocol, VXI-11 Interrupt,
X.411 Message Access Service, ZigBee Cluster Library

Updated Protocol Support

There are too many to list here.

New and Updated Capture File Support

Accellent 5Views, ASN.1 Basic Encoding Rules, Catapult DCT2000,
Daintree SNA, Endace ERF, EyeSDN, Gammu DCT3 trace, IBM iSeries,
JPEG/JFIF, libpcap, Lucent/Ascend access server trace, NetScaler,
PacketLogger, pcapng, Shomiti/Finisar Surveyor, Sun snoop, Symbian
OS btsnoop, Visual Networks

----
こがよういちろう


投稿者 xml-rpc : 2010年8月31日 09:37
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/98068
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。