As of today, WinPcap 4.0.2 is available in the download section of the
WinPcap website, http://www.winpcap.org/install/ .
This maintenance release addresses a security vulnerability reported
by the iDefense Labs in a soon-to-be-released advisory.
Full details can be found in the change log attached at the end of
this message.
Gianluca Varenni
WinPcap Team
Changelog from WinPcap 4.0.1
============================
- Disabled support for monitor mode (also called TME, Table Management
Extensions) in the driver. This module suffers from several security
vulnerabilities that could result in BSODs or privilege escalation
attacks. This fix addresses a security vulnerability reported by the
iDefense Labs.
- Bug fixing:
* Added a missing NULL pointer check in pcap_open()
* Fixed a misplaced #ifdef WIN32 directive in pcap_open().
* Fixed a bug in the send routine of the driver that could cause a
crash under low resources conditions.
* Fixed a bug in the installer causing a mis-detection of a previous
WinPcap installation
* Minor cleanup of some #define directives in the driver (to disable
the TME extensions).
=========
Attachment:
smime.p7s
Description: S/MIME cryptographic signature