Wireshark 1.6.6 now available for download

Wireshark 1.6.6 has been released. This version is a maintenance release that contains bug fixes and stability improvements over the previous release. Installers for Windows and Mac OS X 10.5.5 and above (Intel and PPC), as well as the source code, are now available.

Wireshark is the world's most popular network protocol analyzer. It is used for troubleshooting, analysis, and development across industries and educational institutions.

Features include deep inspection of hundreds of protocols (with more being added all the time), live capture and offline analysis, a standard three-pane packet browser, browsing of captured network data via a GUI or the TTY-mode TShark utility, and rich VoIP analysis.

Key Features
Here are key features of Wireshark:
  • Deep inspection of hundreds of protocols, with more being added all the time.
  • Live capture and offline analysis.
  • Standard three-pane packet browser.
  • Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others.
  • Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility.
  • The most powerful display filters in the industry.
  • Rich VoIP analysis.
  • Read/write many different capture file formats.
  • Capture files compressed with gzip can be decompressed on the fly.
  • Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform).
  • Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2.
  • Coloring rules can be applied to the packet list for quick, intuitive analysis.
  • Output can be exported to XML, PostScript, CSV, or plain text.

Download Wireshark 1.6.6
The links in this section correspond to files available for Wireshark 1.6.6. Select the files most appropriate for you.

To download Wireshark for Mac OS X and the source code, please visit the Download Wireshark website.

What's New in Wireshark 1.6.6
Vulnerabilities fixed
The following vulnerabilities have been fixed.
  • wnpa-sec-2012-04: The ANSI A dissector could dereference a NULL pointer and crash. (Bug 6823) - Versions affected: 1.4.0 to 1.4.11, 1.6.0 to 1.6.5.
  • wnpa-sec-2012-05: The IEEE 802.11 dissector could go into an infinite loop. (Bug 6809) - Versions affected: 1.6.0 to 1.6.5.
  • wnpa-sec-2012-06: The pcap and pcap-ng file parsers could crash trying to read ERF data. (Bug 6804) - Versions affected: 1.4.0 to 1.4.11, 1.6.0 to 1.6.5.
  • wnpa-sec-2012-07: The MP2T dissector could try to allocate too much memory and crash. (Bug 6833) - Versions affected: 1.4.0 to 1.4.11, 1.6.0 to 1.6.5.
  • The Windows installers now include GnuTLS 2.12.18 and Libtasn1 2.12, which fix several vulnerabilities.

Bug Fixes
The following bugs have been fixed.
  • ISO SSAP: ActivityStart: Invalid decoding the activity parameter as a BER Integer.
  • Forward slashes in URI need to be converted to backslashes if WIN32.
  • Character echo pauses in Capture Filter field in Capture Options.
  • Some PGM options are not parsed correctly.
  • dumpcap crashes when capturing from pipe to a pcap-ng file (e.g., when passing data from CACE Pilot to Wireshark).
  • Unable to rearrange columns in preferences on Windows. (Bug 6077) (Note: this bug still affects the 64-bit package)
  • No error for UDP/IPv6 packet with zero checksum.
  • Wireshark installer doesn't add access_bpf in 10.5.8.
  • Corrupted Diameter dictionary file that crashes Wireshark.
  • packetBB dissector bug: More than 1000000 items in the tree -- possible infinite loop.
  • ZEP dissector: Timestamp not always displayed correctly. Fractional seconds never displayed.
  • GOOSE Messages don't use the length field to perform the dissection.
  • Ethernet traces in K12 text format sometimes give bogus "malformed frame" errors and other problems.
  • max_ul_ext isn't printed/decoded to the packet details log in GTP protocol packet.
  • non-IPP packets to or from port 631 are dissected as IPP.
  • lua proto registration fails for uppercase proto / g_ascii_strdown problem.
  • no menu item File->Export->SSL Session Keys in GTK.
  • IAX2 dissector reads past end of packet for unknown IEs.
  • TShark 1.6.5 immediately crashes on SSL decryption (every time).
  • USB: unknown GET DESCRIPTOR response triggers assert failure.
  • IEEE1588 PTPv2 over IPv6.
  • Patch to fix DTLS decryption.
  • Expression... dialog crash.
  • display filter "gtp.msisdn" not working.
  • Multiprotocol Label Switching Echo - Return Code: Reserved (5).
  • ISAKMP : VendorID CheckPoint : Malformed Packet.
  • Adding a Custom HTTP Header Field with a trailing colon causes wireshark to immediately crash (and crash upon restart).
  • Radiotap dissector lists a bogus "DBM TX Attenuation" bit.
  • MySQL dissector assertion.
  • Radiotap header format data rate alignment issues.

Updated Protocol Support
  • ANSI A, BSSGP, DIAMETER, DTLS, GOOSE, GSM Management, GTP, HTTP, IAX2, IEEE 802.11, IPP, ISAKMP, ISO SSAP, MP2T, MPLS, MySQL, NTP, PacketBB, PGM, Radiotap, SSL, TCP, UDP, USB, WSP 

New and Updated Capture File Support
  • Endace ERF, Pcap-NG, Tektronix K12

Source:
Wireshark 1.6.6 Release Notes
