aboutsummaryrefslogtreecommitdiffstats
path: root/NEWS
blob: 2f92a8c45e8d1b05a56831b6a2afbe001e5184da (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
Wireshark 0.99.5 Release Notes

   ------------------------------------------------------------------

What is Wireshark?

   Wireshark is the world's most popular network protocol analyzer.
   It is used for troubleshooting, analysis, development, and
   education.

What's New

  Bug Fixes

   The following vulnerabilities have been fixed. See the [1]security
   advisory for details and a workaround.

     o The TCP dissector could hang or crash while reassembling HTTP
       packets. (Bug [2]1200)

       Versions affected: 0.99.2 to 0.99.4

       [3]CVE-2007-0459

     o The HTTP dissector could crash.

       Versions affected: 0.99.3 to 0.99.4

       [4]CVE-2007-0458

     o On some systems, the IEEE 802.11 dissector could crash.

       Versions affected: 0.10.14 to 0.99.4

       [5]CVE-2007-0457

     o On some systems, the LLT dissector could crash.

       Versions affected: 0.99.3 to 0.99.4

       [6]CVE-2007-0456

   The following bugs have been fixed:

     o On Windows systems the packet list scroll bar could sometimes
       disappear or become unusable. ([7]Bug 220)

     o The end of HTTP chunked encoding wasn't being displayed.
       ([8]Bug 646)

     o The Follow TCP Stream window could omit characters. ([9]Bug
       1043)

     o Opening a flow graph could crash Wireshark. ([10]Bug 1117)

     o Follow TCP Stream would sometimes get the direction wrong.
       ([11]Bug 1138)

     o The foreground text in the coloring rules editor was always
       black.. ([12]Bug 1164)

     o The CSV export format was incorrect. ([13]Bug 1173)

     o On some Windows systems Wireshark could take a long time to
       start up.

     o Malformed UDLD packets could cause an exception.

     o The ISUP statistics report could overflow a buffer and crash
       when displaying IPv6 addresses.

  New and Updated Features

   The following features are new (or have been significantly
   updated) since the last release:

     o We are now offering Wireshark as a [14]U3 package for Windows.
       U3 packages are suitable for using on USB drives and CD-ROMs.
       It's still experimental, but you're welcome to try it out and
       report any problems or successes.

     o Decryption support for WPA/WPA2 and SNMPv3 has been added. The
       TDS / MS SQL dissector now de-obfuscates passwords.

     o 64-bit file handling has been improved.

     o The Find function now selects the corresponding packet detail
       item. Find functionality has been added to the TCP and SSL
       stream dialogs.

     o Main window keyboard navigation has been improved.

     o Windows file dialogs now show the "places" bar (Desktop, My
       Documents, My Computer, My Network Places, etc). File dialogs
       now default to "My Documents" in accordance with Microsoft's
       HIG.

     o [15]AirPcap support (which provides raw mode capture under
       Windows) has been enhanced to allow capturing on multiple
       AirPcap adapters simultaneously.

     o You can no longer install Wireshark on Windows 95, 98, or ME.
       (OK, so it's not a feature per se, but it's an important
       change). The last version known to work on these systems is
       [16]Ethereal 0.99.0.

     o ASN.1 BER-encoded files can now be dissected according to a
       user-specified syntax.

  New Protocol Support

   DMP, Homeplug (INT51X1), NBD, OMAPI, PKCS#12, RGMP, Roofnet, STUN
   v2

  Updated Protocol Support

   2dparityfec, ACN, AIM, AMR, ANSI 637, ANSI A, ANSI MAP, ARP, ASN.1
   BER, ASN.1 PER, BACapp, BPDU, CAMEL, DCERPC (DCERPC, EFS,
   EVENTLOG, NSPI, PN-IO, WINREG), DCOM CBA, DCP, DHCP, DHCPv6, DMP,
   DNS, E.164, EAP, EPL, ETSI DCP, FCP, GIOP, GSM A, H.245, H.248,
   HPSW, HTTP, ICMP, ICMPv6, IEEE 802.11, IMAP, INAP, IPMI, IPsec,
   IRC, ISAKMP, iSCSI, ISIS LSP, IuUP, K12, Kerberos, LDAP, LLDP,
   MEGACO, MGCP, MIME Multipart, MMS, MMSE, MSRP, MySQL, NetFlow,
   NFS, NTLMSSP, NTP, OSPF, PN-PTCP, PPPoE, Q.931, Radiotap, RADIUS,
   RPC, RSVP, RTCP, S4406, SCCP, SCSI, SDP, SES, sFlow, SIGCOMP, SIP,
   SIR, Skinny, SMB (SMB, NETLOGON), SMTP, SNMP, SPNEGO, SSL, T.38,
   TCP, TDS, text/media, TIPC, UDLD, UDP Lite, UDP, UMA, UMTS FP,
   USB, VNC, WBXML, WLCCP, WSP, X.411, X.420, XML, XOT, YMSG

  New and Updated Capture File Support

   Catapult DCT2000, Netttl, Windows Sniffer / NetXray

Getting Wireshark

   Wireshark source code and installation packages are available from
   the [17]download page on the main web site.

  Vendor-supplied Packages

   Most Linux and Unix vendors supply their own Wireshark packages.
   You can usually install or upgrade Wireshark using the package
   management system specific to that platform. A list of third-party
   packages can be found on the [18]download page on the Wireshark
   web site.

File Locations

   Wireshark and TShark look in several different locations for
   preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
   These locations vary from platform to platform. You can use
   About->Folders to find the default locations on your system.

Known Problems

   The Filter button is nonfunctional in the file dialogs under
   Windows. ([19]Bug 942)

Getting Help

   Community support is available on the wireshark-users mailing
   list. Subscription information and archives for all of Wireshark's
   mailing lists can be found on [20]the web site.

   Commercial support, training, and development services are
   available from [21]CACE Technologies.

Frequently Asked Questions

   A complete FAQ is available on the [22]Wireshark web site.

References

   Visible links
   1. http://www.wireshark.org/security/wnpa-sec-2007-01.html
   2. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1200
   3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0459
   4. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0458
   5. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0457
   6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0456
   7. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=220
   8. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=646
   9. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1043
  10. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1117
  11. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1138
  12. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1164
  13. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1173
  14. http://www.u3.com/
  15. http://www.cacetech.com/products/airpcap.htm
  16. http://www.ethereal.com/
  17. http://www.wireshark.org/download.html
  18. http://www.wireshark.org/download.html#otherplat
  19. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=942
  20. http://www.wireshark.org/lists/
  21. http://www.cacetech.com/
  22. http://www.wireshark.org/faq.html