Version 1.4.11 and 1.6.5 of the open source Wireshark network protocol analyzer were recently released.
"The maintenance and security updates to the cross-platform tool fix several vulnerabilities that could be exploited by an attacker to cause a denial-of-service (DoS) or compromise a victim's system," The H Security reports.
"The vulnerabilities include a NULL pointer deference error when displaying packet information, issues in the file parser that cause Wireshark to fail to properly check record sizes for a number of packet capture formats, and an RLC dissector buffer overflow bug," the article states.
Go to "Wireshark 1.4.x and 1.6.x updates close security holes" to read the details.https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.