2006年7月19日

[installer 828] wireshark-0.99.2

wireshark-0.99.2 出ました。Ethereal の後釜です。
http://www.ethereal.com/lists/ethereal-dev/200606/msg00093.html

Ethereal から引き続いて、今回もたくさんのセキュリティホール修正が
含まれています。
http://www.wireshark.org/security/wnpa-sec-2006-01.html
参照のこと。

☆ wireshark-0.99.2
http://www.wireshark.org/
http://sourceforge.net/projects/wireshark/
http://sourceforge.net/project/showfiles.php?group_id=255&package_id=193847
http://www.wireshark.org/download/src/wireshark-0.99.2.tar.gz

== July 17, 2006

Wireshark 0.99.2 has been released.

------------------------------------------------------------------

What is Wireshark?

Wireshark is the world's most popular network protocol analyzer.
It is used for troubleshooting, analysis, development, and
education.

What's New

Bug Fixes

The following vulnerabilities have been fixed:

o The GSM BSSMAP dissector could crash. Versions affected:
0.10.11.

Ilja van Sprundel discovered the following vulnerabilities:

o The ANSI MAP dissector was vulnerable to a format string
overflow. Versions affected: 0.10.0.

o The Checkpoint FW-1 dissector was vulnerable to a format
string overflow. Versions affected: 0.10.10.

o The MQ dissector was vulnerable to a format string overflow.
Versions affected: 0.10.4.

o The XML dissector was vulnerable to a format string overflow.
Versions affected: 0.10.13.

o The MOUNT dissector could attempt to allocate large amounts of
memory. Versions affected: 0.9.4.

o The NCP NMAS and NDPS dissectors were susceptible to
off-by-one errors. Versions affected: 0.9.7.

o The NTP dissector was vulnerable to a format string overflow.
Versions affected: 0.10.13.

o The SSH dissector was vulnerable to an infinite loop. Versions
affected: 0.9.10.

o The NFS dissector may have been susceptible to a buffer
overflow. Versions affected: 0.8.16.

Ilja found several other problems that could result in
mis-dissected packets. They have been fixed.

The following non-security-related bugs have been fixed:

o The "Follow TCP Stream" dialog now wraps long lines.

o Wireshark no longer aborts under Windows 95, 98, or ME.

Warning

Windows 95, 98, and ME do not support memory protection
features that are required in order to run Wireshark securely.
It is strongly recommended that you not run Wireshark on these
platforms.

o File exports under Windows work again.

o Problems with ring buffers under 0.99.0 have been fixed.

o It was possible for Wireshark to crash when closing the
capture information dialog. This has been fixed.

o It was possible for Wireshark to crash when using the "Find"
feature. This has been fixed.

o Wireshark could crash if an interface was removed while
viewing the interface list. This has been fixed.

New and Updated Features

The following features are new (or have been significantly
updated) since the last release:

o Multicast stream analysis (Statistics->Multicast Streams) has
been added. It lets you determine burst size, output buffer
size, and losses for multicast data.

o TCP reassembly has been updated and improved.

o Expert analysis has been updated and improved.

o SCSI service response time statistics have been added.

o You can now find next/previous marked frames.

o The LDAP and SNMP dissectors have been completely rewriten.

o The SMB dissector now tracks filenames and share names.

o The Windows file dialogs have been improved.

o If Wireshark is linked with the PortAudio library, you can now
listen to RTP streams. (PortAudio didn't make the cut in the
current Windows installer. It will be included with 0.99.3.)

New Protocol Support

Bluetooth HCI (ACL, Command, Event, L2CAP, H4, RFCOMM, SCO, SDP),
Cisco WIDS, DTLS, Ether-S-Bus, OMA ULP, PN-MRP, PN-MRRT, REXEC
(yes, that REXEC), RRLP, RSerPool (CalcAppProtocol,
ComponentStatusProtocol, FractalGeneratorProtocol,
PingPongProtocol), Telkonet, TiVoConnect Discovery Protocol

Updated Protocol Support

AIM, AMR, ASAP, BER, BGP, BSSAP, BVLC, CAMEL, CMS, COPS, DAP,
DCERPC (NETLOGON, PNIO), DCOM, DIAMETER, DVMRP, EAPOL, ENRP, ESP,
FC, FIX, Frame, GPRS LLC, GSM A, GSM MAP, GSSAPI, GTP, H.225,
H.235, H.245, H.248, H.263, H.450, H1, ICMP, IEEE 802.11, INAP,
IP, IPMI, iSCSI, ISUP, JXTA, Kerberos, LDAP, LLDP, MEGACO, MySQL,
NBAP, NDMP, NFS, OICQ, PER, PGM, PN-PTCP, Q.931, RANAP, RNSAP,
ROS, RTCP, S4406, S5066, SCCP, SCSI, SDP, SIP, SMB (PIPE, SMB),
SNMP, SSL, SUA, TCP, TDS, TELNET, TIPC, UMA, X.420, X.509 (af, ce,
if), XML

New and Updated Capture File Support

Wireshark can now read BER-encoded files. Catapult DCT2000 support
has been updated.

Getting Wireshark

Microsoft Windows

Download wireshark-setup-0.99.2.exe from the [1]Windows download
area on the main web site. Double-click the installer executable.

Sun Solaris

Download the appropriate package from the [2]Solaris download area
on the main web site. Uncompress the package using bzip2, and
install it using pkgadd.

Source Code

Download wireshark-0.99.2.tar.gz from the [3]main download area on
the web site. Extract the package using tar and gzip. Run
"configure ; make ; make install".

Vendor-supplied Packages

Most Linux and Unix vendors supply their own Wireshark packages.
You can install or upgrade Wireshark using the package management
system specific to that platform. A list of third-party packages
can be found on the [4]download page on the Wireshark web site.

File Locations

Wireshark and TShark look in several different locations for
preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
These locations vary from platform to platform. You can use
About->Folders to find the default locations on your system.

Known Problems

On Windows systems the packet list scroll bar can sometimes
disappear or become unusable. Until the problem is fixed you can
work around it by resizing the packet list or the main window.
([5]Bug #220)

The Filter button is nonfunctional in the file dialogs under
Windows.

Trying to save flow data may crash Wireshark. ([6]Bug #396)

It may not be possible to re-order coloring rules under Windows.
([7]Bug #699)

Getting Help

Community support is available on the wireshark-users mailing
list. Subscription information and archives for all of Wireshark's
mailing lists can be found on [8]the web site.

Commercial support, training, and development services are
available from [9]CACE Technologies.

Frequently Asked Questions

A complete FAQ is available on the [10]Wireshark web site.

References

Visible links
1. http://www.wireshark.org/download/win32/
2. http://www.wireshark.org/download/solaris/
3. http://www.wireshark.org/download/
4. http://www.wireshark.org/download.html#otherplat
5. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=220
6. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=396
7. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=699
8. http://www.wireshark.org/lists/
9. http://www.cacetech.com/
10. http://www.wireshark.org/faq.html

----
こがよういちろう


投稿者 xml-rpc : 2006年7月19日 10:45
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/44841
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。