Wireshark 3.6.8 – What’s New !!

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer

Post Sharing
Wireshark 3.6.8 was Released with newly updated protocol support, new file format decoding support, and fixed several bugs.

The Wireshark open-source packet analyzer, which is a free and open-source application and is widely used all over the world as one of the most popular tools for analyzing network protocols and is used for several purposes.

And here below we have mentioned all the primary uses of Wireshark network protocol analyzers:-

  • Troubleshooting
  • Analysis
  • Development
  • Education

While the availability of Wireshark is complete, since, it is a free and open-source packet analyzer it runs on all the major operating systems like:-

  • Windows
  • Linux
  • macOS
  • BSD
  • Solaris
  • Some other Unix-like OS

According to the newly released report “Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use Help About Wireshark Folders or tshark -G folders to find the default locations on your system.”

Wireshark 3.6.7 was released last July, Since then Wireshark team worked on a new update and it has been released now with the following vulnerabilities that have been fixed:

  • wnpa-sec-2022-06 F5 Ethernet Trailer dissector infinite loop. Issue 18307.

The following bugs have been fixed:

  • TCAP Malformed exception on externally re-assembled packet Issue 10515.
  • Extended 3GPP-GPRS-Negotiated-QoS-profile strings decoded incompletely Issue 10688.
  • HTTP2 dissector decodes first SSL record only Issue 11173.
  • L2TP improvements – cookie length detection, UDP encapsulation and more Issue 16565.
  • USB Truncation of URB_isochronous in frames Issue 18021.
  • ISUP/BICC parameter summary text duplication Issue 18094.
  • Running rpm-setup.sh shows missing packages that Centos does not need Issue 18166.
  • IPX/IPX RIP: Crash on expand subtree Issue 18234.
  • Qt: A file or packet comment that is too large will corrupt the pcapng file Issue 18235.
  • BGP dissector bug Issue 18248.
  • Wrong interpretation of the cbsp.rep_period field in epan/dissectors/packet-gsm_cbsp.c Issue 18254.
  • Assertion due to incorrect mask for btatt.battery_power_state.* Issue 18267.
  • Qt: Expert Info dialog not showing Malformed Frame when Frame length is less than captured length Issue 18312.
  • Wireshark and tshark become non-responsive when reading certain packets Issue 18313.

Updated Protocol Support

Wireshark 3.6.8 comes with the following newly updated protocol support:

BGP

BICC

BT ATT

CBSP

Couchbase

F5 Ethernet Trailer

Fram

GTP

GTP (prime)

IPsec

ISUP

L2TP

NAS-5GS

Protobuf

SCCP

TCP

TLS

Wireshark 3.6.8 also brings a new and updated capture file support for pcap, pcapng.