Our testing has turned up several more security issues:
- The LDAP dissector could free static memory and crash. Versions affected: 0.8.5 to 0.10.11
- The AgentX dissector could crash. Versions affected: 0.10.10 to 0.10.11
- The 802.3 dissector could go into an infinite loop. Versions affected: 0.8.16 to 0.10.11
- The PER dissector could abort. Versions affected: 0.10.5 to 0.10.11
- The DHCP dissector could go into an infinite loop. Versions affected: 0.10.7 to 0.10.11
- The BER dissector could abort or loop infinitely. Version affected: 0.10.11
- The MEGACO dissector could go into an infinite loop. Versions affected: 0.9.14 to 0.10.11
- The GIOP dissector could dereference a null pointer. Versions affected: 0.8.20 to 0.10.11
- The SMB dissector was susceptible to a buffer overflow. Versions affected: 0.9.12 to 0.10.11
- The WBXML could dereference a null pointer. Versions affected: 0.10.1 to 0.10.11
- The H1 dissector could go into an infinite loop. Versions affected: 0.8.15 to 0.10.11
- The DOCSIS dissector could cause a crash. Versions affected: 0.9.13 to 0.10.11
- The SMPP dissector could go into an infinite loop. Versions affected: 0.10.1 to 0.10.11
- SCTP graphs could crash. Version affected: 0.10.11
- The HTTP dissector could crash. Versions affected: 0.10.4 to 0.10.11
- The SMB dissector could go into a large loop. Versions affected: 0.9.0 to 0.10.11
- The DCERPC dissector could crash. Versions affected: 0.9.16 to 0.10.11.
- Several dissectors could crash while reassembling packets. Versions affected: 0.9.0 to 0.10.11
Steve Grubb at Red Hat found the following issues:
- The CAMEL dissector could dereference a null pointer. Version affected: 0.10.11
- The DHCP dissector could crash. Versions affected: 0.10.4 to 0.10.11
- The CAMEL dissector could crash. Versions affected: 0.10.10 to 0.10.11
- The PER dissector could crash. Versions affected: 0.10.10 to 0.10.11
- The RADIUS dissector could crash. Versions affected: 0.9.4 to 0.10.11
- The Telnet dissector could crash. Versions affected: 0.9.10 to 0.10.11
- The IS-IS LSP dissector could crash. Versions affected: 0.8.19 to 0.10.11
- The NCP dissector could crash. Versions affected: 0.9.15 to 0.10.11
iDEFENSE found the following issues:
- Several dissectors were susceptible to a format string overflow. Versions affected: 0.9.4 to 0.10.11
- Ethereal uses the zlib compression library. Security vulnerabilities have been discovered in zlib 1.2.1 and 1.2.2. The Windows installer now ships with zlib 1.2.3, which fixes these vulnerabilities.
Please see the application advisory for more details.
Everyone is encouraged to upgrade.
New and updated features
- The Windows installer now includes the WinPcap 3.1 beta 4 installer. You don't have to download and install it separately. (endlich!!)
- RADIUS dictionaries are now included.
- A lot of documentation was updated
- Some command line parameters have changed, see the Ethereal / Tethereal manual pages
- A "File/File Set" submenu was added to better handle multiple files (such as ring buffers).
- Flow graphs can now be created for any protocol.
- Memory management has been greatly improved.
- JXTA has been added to the conversations menu.
- When compiled with MIT/Heimdal Kerberos AND if keytab files are provided, Ethereal can now decrypt and dissect both SecureLDAP and encrypted DCE/RPC.
- TCP Sequence graphs should now work for all captures and all encapsulation types.
- New protocol support:
ACSE, ARMAGETRONAD, AudioCodes trunk trace, CSM_ENCAPS, DEC DNA Routing, DIS, FTAM, iFCP, Juniper PPPoE, MMS, MS MediaServer, MSRP, Parlay, Synergy, TANGO, WLAN Certificate Extensions
- Updated protocol support:
802.11 Radiotap, 9P, ACSE, AFP, AgentX, AIM, ANSI MAP, BACapp, BVLC, Camel, CLNP, CMIP, DCERPC, DCOM, DHCP, DHCP Failover, DHCPv6, DICOM, DNP, DNS, DOCSIS, EAP, Ethernet, FC ELS, FCIP, FCP, FC-SWILS, GIOP, GSM A, GSM MAP, GSSAPI, GTP, H1, H.221, H.225, H.235, H.245, H.248, H.450, HPSW, HTTP, HyperSCSI, ICMP, IEEE 802.11, IEEE 802.3, iFCP, IP, IPDC, ISAKMP, iSCSI, iSNS, ISUP, JXTA, Kerberos, KINK, LDAP, LLC, LMP, LWAPP, MEGACO, MGCP, MMSE, NDMP, NDPS, NFS, NTLMSSP, OSI, OSPF, PER, PPP, PRES, PROFINET, RDT, RMT, RPC, RSVP, Rsync, RTP, RTSP, SCSI, SCTP, SDP, SIP, SMB, SMPP, SNMP, SPNEGO, SSCOP, SSL, T.38, TCAP, TCP, Telnet, TFTP, TPKT, UDP, UDVM, UMA, V5UA, WBXML, WSP, XML, YMSG, YPSERV
- New and updated capture file support:
HP Nettl, Tektronix K12
:
