1 Wireshark 0.99.5 Release Notes
3 ------------------------------------------------------------------
7 Wireshark is the world's most popular network protocol analyzer.
8 It is used for troubleshooting, analysis, development, and
15 The following vulnerabilities have been fixed. See the [1]security
16 advisory for details and a workaround.
18 o The TCP dissector could hang or crash while reassembling HTTP
19 packets. (Bug [2]1200)
21 Versions affected: 0.99.2 to 0.99.4
25 o The HTTP dissector could crash.
27 Versions affected: 0.99.3 to 0.99.4
31 o On some systems, the IEEE 802.11 dissector could crash.
33 Versions affected: 0.10.14 to 0.99.4
37 o On some systems, the LLT dissector could crash.
39 Versions affected: 0.99.3 to 0.99.4
43 The following bugs have been fixed:
45 o On Windows systems the packet list scroll bar could sometimes
46 disappear or become unusable. ([7]Bug 220)
48 o The end of HTTP chunked encoding wasn't being displayed.
51 o The Follow TCP Stream window could omit characters. ([9]Bug
54 o Opening a flow graph could crash Wireshark. ([10]Bug 1117)
56 o Follow TCP Stream would sometimes get the direction wrong.
59 o The foreground text in the coloring rules editor was always
60 black.. ([12]Bug 1164)
62 o The CSV export format was incorrect. ([13]Bug 1173)
64 o On some Windows systems Wireshark could take a long time to
67 o Malformed UDLD packets could cause an exception.
69 o The ISUP statistics report could overflow a buffer and crash
70 when displaying IPv6 addresses.
72 New and Updated Features
74 The following features are new (or have been significantly
75 updated) since the last release:
77 o We are now offering Wireshark as a [14]U3 package for Windows.
78 U3 packages are suitable for using on USB drives and CD-ROMs.
79 It's still experimental, but you're welcome to try it out and
80 report any problems or successes.
82 o Decryption support for WPA/WPA2 and SNMPv3 has been added. The
83 TDS / MS SQL dissector now de-obfuscates passwords.
85 o 64-bit file handling has been improved.
87 o The Find function now selects the corresponding packet detail
88 item. Find functionality has been added to the TCP and SSL
91 o Main window keyboard navigation has been improved.
93 o Windows file dialogs now show the "places" bar (Desktop, My
94 Documents, My Computer, My Network Places, etc). File dialogs
95 now default to "My Documents" in accordance with Microsoft's
98 o [15]AirPcap support (which provides raw mode capture under
99 Windows) has been enhanced to allow capturing on multiple
100 AirPcap adapters simultaneously.
102 o You can no longer install Wireshark on Windows 95, 98, or ME.
103 (OK, so it's not a feature per se, but it's an important
104 change). The last version known to work on these systems is
107 o ASN.1 BER-encoded files can now be dissected according to a
108 user-specified syntax.
112 DMP, Homeplug (INT51X1), NBD, OMAPI, PKCS#12, RGMP, Roofnet, STUN
115 Updated Protocol Support
117 2dparityfec, ACN, AIM, AMR, ANSI 637, ANSI A, ANSI MAP, ARP, ASN.1
118 BER, ASN.1 PER, BACapp, BPDU, CAMEL, DCERPC (DCERPC, EFS,
119 EVENTLOG, NSPI, PN-IO, WINREG), DCOM CBA, DCP, DHCP, DHCPv6, DMP,
120 DNS, E.164, EAP, EPL, ETSI DCP, FCP, GIOP, GSM A, H.245, H.248,
121 HPSW, HTTP, ICMP, ICMPv6, IEEE 802.11, IMAP, INAP, IPMI, IPsec,
122 IRC, ISAKMP, iSCSI, ISIS LSP, IuUP, K12, Kerberos, LDAP, LLDP,
123 MEGACO, MGCP, MIME Multipart, MMS, MMSE, MSRP, MySQL, NetFlow,
124 NFS, NTLMSSP, NTP, OSPF, PN-PTCP, PPPoE, Q.931, Radiotap, RADIUS,
125 RPC, RSVP, RTCP, S4406, SCCP, SCSI, SDP, SES, sFlow, SIGCOMP, SIP,
126 SIR, Skinny, SMB (SMB, NETLOGON), SMTP, SNMP, SPNEGO, SSL, T.38,
127 TCP, TDS, text/media, TIPC, UDLD, UDP Lite, UDP, UMA, UMTS FP,
128 USB, VNC, WBXML, WLCCP, WSP, X.411, X.420, XML, XOT, YMSG
130 New and Updated Capture File Support
132 Catapult DCT2000, Netttl, Windows Sniffer / NetXray
136 Wireshark source code and installation packages are available from
137 the [17]download page on the main web site.
139 Vendor-supplied Packages
141 Most Linux and Unix vendors supply their own Wireshark packages.
142 You can usually install or upgrade Wireshark using the package
143 management system specific to that platform. A list of third-party
144 packages can be found on the [18]download page on the Wireshark
149 Wireshark and TShark look in several different locations for
150 preference files, plugins, SNMP MIBS, and RADIUS dictionaries.
151 These locations vary from platform to platform. You can use
152 About->Folders to find the default locations on your system.
156 The Filter button is nonfunctional in the file dialogs under
157 Windows. ([19]Bug 942)
161 Community support is available on the wireshark-users mailing
162 list. Subscription information and archives for all of Wireshark's
163 mailing lists can be found on [20]the web site.
165 Commercial support, training, and development services are
166 available from [21]CACE Technologies.
168 Frequently Asked Questions
170 A complete FAQ is available on the [22]Wireshark web site.
175 1. http://www.wireshark.org/security/wnpa-sec-2007-01.html
176 2. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1200
177 3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0459
178 4. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0458
179 5. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0457
180 6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0456
181 7. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=220
182 8. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=646
183 9. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1043
184 10. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1117
185 11. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1138
186 12. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1164
187 13. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1173
188 14. http://www.u3.com/
189 15. http://www.cacetech.com/products/airpcap.htm
190 16. http://www.ethereal.com/
191 17. http://www.wireshark.org/download.html
192 18. http://www.wireshark.org/download.html#otherplat
193 19. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=942
194 20. http://www.wireshark.org/lists/
195 21. http://www.cacetech.com/
196 22. http://www.wireshark.org/faq.html