Table of Contents
Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development and education.
The following vulnerabilities have been fixed:
- wnpa-sec-2018-51 The Wireshark dissection engine could crash. Bug 14466. CVE-2018-19625.
- wnpa-sec-2018-52 The DCOM dissector could crash. Bug 15130. CVE-2018-19626.
- wnpa-sec-2018-53 The LBMPDM dissector could crash. Bug 15132. CVE-2018-19623.
- wnpa-sec-2018-54 The MMSE dissector could go into an infinite loop. Bug 15250. CVE-2018-19622.
- wnpa-sec-2018-55 The IxVeriWave file parser could crash. Bug 15279. CVE-2018-19627.
- wnpa-sec-2018-56 The PVFS dissector could crash. Bug 15280. CVE-2018-19624.
The following bugs have been fixed:
- VoIP Calls dialog doesn’t include RTP stream when preparing a filter. Bug 13440.
- Wireshark installs on macOS with permissions for /Library/Application Support/Wireshark that are too restrictive. Bug 14335.
- Closing Enabled Protocols dialog crashes wireshark. Bug 14349.
- Encrypted Alerts corresponds to a wrong selection in the packet bytes pane. Bug 14712.
- MATE unable to extract fields for PDU. Bug 15208.
- Malformed Packet: SV. Bug 15224.
- ISUP (ANSI) packets malformed in WS versions later than 2.4.8. Bug 15236.
- Handover candidate enquire message not decoded. Bug 15237.
- MLE security suite display incorrect. Bug 15288.
- Message for incorrect IPv4 option lengths is incorrect. Bug 15290.
- TACACS+ dissector does not properly reassemble large accounting messages. Bug 15293.
- NLRI of S-PMSI A-D BGP route not being displayed. Bug 15307.
BGP, DCOM, GSM A BSSMAP, IEEE 802.11 Radiotap, ISUP, LBMPDM, LISP, MLE, MMSE, PVFS, SLL, SSL/TLS, SV, and TACACS+
Wireshark source code and installation packages are available from https://www.wireshark.org/download.html.
Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.
Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system.
Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)
The BER dissector might infinitely loop. (Bug 1516)
Capture filters aren’t applied when capturing from named pipes. (Bug 1814)
Filtering tshark captures with read filters (-R) no longer works. (Bug 2234)
Application crash when changing real-time option. (Bug 4035)
Wireshark and TShark will display incorrect delta times in some cases. (Bug 4985)
Wireshark should let you work with multiple capture files. (Bug 10488)
Community support is available on Wireshark’s Q&A site and on the wireshark-users mailing list. Subscription information and archives for all of Wireshark’s mailing lists can be found on the web site.
Official Wireshark training and certification are available from Wireshark University.
A complete FAQ is available on the Wireshark web site.
Riverbed is Wireshark's primary sponsor and provides our funding. They also make great products.