智能化下的产物,无人棋牌室
Wireshark 1.12.5 发布,此版本主要是 bug 修复版本,没有新特性也没有功能性改进,也没有协议更新等等。
此版本现已提供下载:
- Windows Installer (64-bit)
- Windows Installer (32-bit)
- Windows PortableApps (32-bit)
- OS X 10.6 and later Intel 64-bit .dmg
- OS X 10.5 and later Intel 32-bit .dmg
- Source Code
此版本解决的漏洞:
-
The LBMR dissector could go into an infinite loop. (Bug 11036)CVE-2015-3808CVE-2015-3809
-
The WebSocket dissector could recurse excessively. (Bug 10989)CVE-2015-3810
-
The WCP dissector could crash while decompressing data. (Bug 10978)CVE-2015-3811
-
The X11 dissector could leak memory. (Bug 11088)CVE-2015-3812
-
The packet reassembly code could leak memory. (Bug 11129)CVE-2015-3813
-
The IEEE 802.11 dissector could go into an infinite loop. (Bug 11110)CVE-2015-3814
-
The Android Logcat file parser could crash. Discovered by Hanno Böck. (Bug 11188)CVE-2015-3815
Bug 修复:
- Wireshark crashes if “Update list of packets in real time” is disabled and a display filter is applied while capturing. (Bug 6217)
- EAPOL 4-way handshake information wrong. (Bug 10557)
- RPC NULL calls incorrectly flagged as malformed. (Bug 10646)
- Wireshark relative ISN set incorrectly if raw ISN set to 0. (Bug 10713)
- Buffer overrun in encryption code. (Bug 10849)
- Crash when use Telephony / Voip calls. (Bug 10885)
- ICMP Parameter Problem message contains Length of original datagram is treated as the total IPv4 length. (Bug 10991)
- ICMP Redirect takes 4 bytes for IPv4 payload instead of 8. (Bug 10992)
- Missing field “tcp.pdu.size” in TCP stack. (Bug 11007)
- Sierra EM7345 marks MBIM packets as NCM. (Bug 11018)
- Possible infinite loop DoS in ForCES dissector. (Bug 11037)
- “Decode As…” crashes when a packet dialog is open. (Bug 11043)
- Interface Identifier incorrectly represented by Wireshark. (Bug 11053)
- “Follow UDP Stream” on mpeg packets crashes wireshark v.1.12.4 (works fine on v.1.10.13). (Bug 11055)
- Annoying popup when trying to capture on bonds. (Bug 11058)
- Request-response cross-reference in USB URB packets incorrect. (Bug 11072)
- Right clicking in Expert Infos to create a filter (duplicate IP) results in invalid filters. (Bug 11073)
- CanOpen dissector fails on frames with RTR and 0 length. (Bug 11083)
- Typo in secp521r1 curve wrongly identified as sect521r1. (Bug 11106)
- packet-zbee-zcl.h: IS_ANALOG_SUBTYPE doesn’t filter ENUM. (Bug 11120)
- Typo: “LTE Positioning Protocol” abbreviated as “LPP”, not “LLP”. (Bug 11141)
- Missing Makefile.nmake in ansi1/Kerberos directory. (Bug 11155)
- Can’t build tshark without the Qt packages installed unless –without-qt is specified. (Bug 11157)
更多改进内容请看发行页面。
Wireshark(前称Ethereal)是一个网络封包分析软件。网络封包分析软件的功能是撷取网络封包,并尽可能显示出最为详细的网络封包资料。
网络封包分析软件的功能可想像成 “电工技师使用电表来量测电流、电压、电阻” 的工作 – 只是将场景移植到网络上,并将电线替换成网络线。 在过去,网络封包分析软件是非常昂贵,或是专门属于营利用的软件。Ethereal的出现改变了这一切。在GNUGPL通用许可证的保障范围底下,使用者 可以以免费的代价取得软件与其源代码,并拥有针对其源代码修改及客制化的权利。Ethereal是目前全世界最广泛的网络封包分析软件之一。
网络管理员使用Wireshark来检测网络问题,网络安全工程师使用Wireshark来检查资讯安全相关问题,开发者使用Wireshark来 为新的通讯协定除错,普通使用者使用Wireshark来学习网络协定的相关知识当然,有的人也会“居心叵测”的用它来寻找一些敏感信息……
Wireshark不是入侵侦测软件(Intrusion DetectionSoftware,IDS)。对于网络上的异常流量行为,Wireshark不会产生警示或是任何提示。然而,仔细分析 Wireshark撷取的封包能够帮助使用者对于网络行为有更清楚的了解。Wireshark不会对网络封包产生内容的修改,它只会反映出目前流通的封包 资讯。 Wireshark本身也不会送出封包至网络上。
相关文章
