Wireshark 1.4.7 released
Wireshark is a popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.
The following vulnerabilities have been fixed:
- Large/infinite loop in the DICOM dissector. Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Diameter dictionary file could crash Wireshark. Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted snoop file could crash Wireshark. Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
- David Maciejak of Fortinet’s FortiGuard Labs discovered that malformed compressed capture data could crash Wireshark. Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
- Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Visual Networks file could crash Wireshark. Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6.
The following bugs have been fixed:
- AIM dissector has some endian issues.
- Telephony→MTP3→MSUS doesn’t display window.
- Support for MS NetMon 3.x traces containing raw IPv6 (“Type 7”) packets.
- Service Indicator in M3UA protocol data.
- IEC60870-5-104 protocol, incorrect decoding of timestamp type CP56Time2a.
- DNP3 dissector incorrect constants AL_OBJ_FCTR_16NF _FDCTR_32NF _FDCTR_16NF.
- 3GPP QoS: Traffic class is not decoded properly.
- Wireshark crashes when creating ProtoField.framenum in Lua.
- Fix a wrong mask to extract FMID from DECT packets dissector.
- Incorrect DHCPv6 remote identifier option parsing.