Wireshark - 1.12.1 - Windows (x64)

Version 1.12.1 (Released 16 September 2014) of Wireshark licensed under the GNU GPL v2 for Windows 8, 7, Vista, Server 2012, Server 2008 R2, Server 2008, and Server 2003.

Wireshark is a network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It has a rich and powerful feature set and is world's most popular tool of its kind. It runs on most computing platforms including Windows, OS X, Linux, and UNIX. Network professionals, security experts, developers, and educators around the world use it regularly.

Official site: https://www.wireshark.org/

Changes in 1.12.1

Bug Fixes:

The following vulnerabilities have been fixed.

• wnpa-sec-2014-13
  
• MEGACO dissector infinite loop. (Bug 10333) CVE-2014-6423
  
• wnpa-sec-2014-14
  
• Netflow dissector crash. (Bug 10370) CVE-2014-6424
  
• wnpa-sec-2014-15
  
• CUPS dissector crash. (Bug 10353) CVE-2014-6425
  
• wnpa-sec-2014-16
  
• HIP dissector infinite loop. CVE-2014-6426
  
• wnpa-sec-2014-17
  
• RTSP dissector crash. (Bug 10381) CVE-2014-6427
  
• wnpa-sec-2014-18
  
• SES dissector crash. (Bug 10454) CVE-2014-6428
  
• wnpa-sec-2014-19
  
• Sniffer file parser crash. (Bug 10461) CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432
  

The following bugs have been fixed:

• Wireshark can crash during remote capture (rpcap) configuration. (Bug 3554, Bug 6922, ws-buglink:7021)
  
• 802.11 capture does not decrypt/decode DHCP response. (Bug 8734)
  
• Extra quotes around date fields (FT_ABSOLUTE_TIME) when using -E quote=d or s. (Bug 10213)
  
• No progress line in "VOIP RTP Player". (Bug 10307)
  
• MIPv6 Service Selection Identifier parse error. (Bug 10323)
  
• Probably wrong length check in proto_item_set_end. (Bug 10329)
  
• 802.11 BA sequence number decode is broken. (Bug 10334)
  
• wmem_alloc_array() "succeeds" (and clobbers memory) when requested to allocate 0xaaaaaaaa items of size 12. (Bug 10343)
  
• Different dissection results for same file. (Bug 10348)
  
• Mergecap wildcard breaks in version 1.12.0. (Bug 10354)
  
• Diameter TCP reassemble. (Bug 10362)
  
• TRILL NLPID 0xc0 unknown to Wireshark. (Bug 10382)
  
• BTLE advertising header flags (RxAdd/TxAdd) dissected incorrectly. (Bug 10384)
  
• Ethernet OAM (CFM) frames including TLV’s are wrongly decoded as malformed. (Bug 10385)
  
• BGP4: Wireshark skipped some potion of AS_PATH. (Bug 10399)
  
• MAC address name resolution is broken. (Bug 10344)
  
• Wrong decoding of RPKI RTR End of Data PDU. (Bug 10411)
  
• SSL/TLS dissector incorrectly interprets length for status_request_v2 hello extension. (Bug 10416)
  
• Misparsed NTP control assignments with empty values. (Bug 10417)
  
• 6LoWPAN multicast address decompression problems. (Bug 10426)
  
• Netflow v9 flowset not decoded if options template has zero-length scope section. (Bug 10432)
  
• GUI Hangs when Selecting Path to GeoIP Files. (Bug 10434)
  
• AX.25 dissector prints unprintable characters. (Bug 10439)
  
• 6LoWPAN context handling not working. (Bug 10443)
  
• SIP: When export to a CSV, Info is changed to differ. (Bug 10453)
  
• Typo in packet-netflow.c. (Bug 10458)
  
• Incorrect MPEG-TS decoding (OPCR field). (Bug 10446)
  

2.4. Updated Protocol Support

6LoWPAN, A21, ACR122, Art-Net, AX.25, BGP, BTLE, CAPWAP, DIAMETER, DICOM, DVB-CI, Ethernet OAM, HIP, HiSLIP, HTTP2, IEEE 802.11, MAUSB, MEGACO, MIPv6, MP2T, Netflow, NTP, openSAFETY, OSI, RDM, RPKI RTR, RTSP, SES, SIP, TLS, and Token Ring MAC

2.5. New and Updated Capture File Support

DOS Sniffer, and NetScaler

3. Getting Wireshark

Wireshark source code and installation packages are available from http://www.wireshark.org/download.html.

3.1. Vendor-supplied Packages

Most Linux and Unix vendors supply their own Wireshark packages. You can usually install or upgrade Wireshark using the package management system specific to that platform. A list of third-party packages can be found on the download page on the Wireshark web site.

4. File Locations

Wireshark and TShark look in several different locations for preference files, plugins, SNMP MIBS, and RADIUS dictionaries. These locations vary from platform to platform. You can use About→Folders to find the default locations on your system.

5. Known Problems

• Dumpcap might not quit if Wireshark or TShark crashes. (Bug 1419)
  
• The BER dissector might infinitely loop. (Bug 1516)
  
• Capture filters aren’t applied when capturing from named pipes. (ws-buglink:1814)
  
• Filtering tshark captures with read filters (-R) no longer works. (Bug 2234)
  
• The 64-bit Windows installer does not support Kerberos decryption. (Win64 development page)
  
• Resolving (Bug 9044) reopens (Bug 3528) so that Wireshark no longer automatically decodes gzip data when following a TCP stream.
  
• Application crash when changing real-time option. (Bug 4035)
  
• Hex pane display issue after startup. (Bug 4056)
  
• Packet list rows are oversized. (Bug 4357)
  
• Summary pane selected frame highlighting not maintained. (Bug 4445)
  
• Wireshark and TShark will display incorrect delta times in some cases. (Bug 4985)
  
• The 64-bit Mac OS X installer doesn’t support Mac OS X 10.9 (Bug 9242)
  

For more information, visit https://www.wireshark.org/docs/relnotes/wireshark-1.12.1.html