LANDesk Patch News Bulletin: Wireshark Version 1.4.4 is Available for Download 02-MAR-2011

Version 1

    LANDesk Security and Patch News



    • (March 02,2011) Wireshark has released Wireshark version 1.4.4. The following vulnerabilities have been fixed. See the security advisory for details and a workaround.


    Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that Wireshark could free an uninitialized pointer while reading a malformed pcap-ng file. (Bug 5652)


    Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.




    Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a large packet length in a pcap-ng file could crash Wireshark. (Bug 5661)


    Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.


    Wireshark could overflow a buffer while reading a Nokia DCT3 trace file.


    Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3.




    Paul Makowski working for SEI/CERT discovered that Wireshark on 32 bit systems could crash while reading a malformed 6LoWPAN packet. (Bug 5722)


    Versions affected: 1.4.0 to 1.4.3.


    joernchen of Phenoelit discovered that the LDAP and SMB dissectors could overflow the stack. (Bug 5717)


    Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. (Prior versions including 1.0.x are also affected.)


    Xiaopeng Zhang of Fortinet's Fortiguard Labs discovered that large LDAP Filter strings can consume excessive amounts of memory. (Bug 5732)


    Versions affected: 1.2.0 to 1.2.14 and 1.4.0 to 1.4.3. (Prior versions including 1.0.x are also affected.)



    The following bugs have been fixed:


    A TCP stream would not always be recognized as the same stream. (Bug 2907)


    Wireshark Crashing by pressing 2 Buttons. (Bug 4645)


    A crash can occur in the NTLMSSP dissector. (Bug 5157)


    The column texts from a Lua dissector could be mangled. (Bug 5326) (Bug 5630)


    Corrections to ANSI MAP ASN.1 specifications. (Bug 5584)


    When searching in packet bytes, the field and bytes are not immediately shown. (Bug 5585)


    Malformed Packet: ULP reported when dissecting ULP SessionID PDU. (Bug 5593)


    Wrong IEI in container of decode_gtp_mm_cntxt. (Bug 5598)


    Display filter does not work for expressions of type BASE_DEC, BASE_DEC_HEX and BASE_HEX_DEC. (Bug 5606)


    NTLMSSP dissector may fail to compile due to space embedded in C comment delimiters. (Bug 5614)


    Allow for name resolution of link-scope and multicast IPv6 addresses from local host file. (Bug 5615)


    DHCPv6 dissector formats DUID_LLT time incorrectly. (Bug 5627)


    Allow for IEEE 802.3bc-2009 style PoE TLVs. (Bug 5639)


    Various fixes to the HIP packet dissector. (Bug 5646)


    Display "Day of Year" for January 1 as 1, not 0. (Bug 5653)


    Accommodate the CMake build on Ubuntu 10.10. (Bug 5665)


    E.212 MCC 260 Poland update according to local national regulatory. (Bug 5668)


    IPP on ports other than 631 not recognized. (Bug 5677)


    Potential access violation when writing to LANalyzer files. (Bug 5698)


    IEEE 802.15.4 Superframe Specification - Final CAP Slot always 0. (Bug 5700)


    Peer SRC and DST AS numbers are swapped for cflow. (Bug 5702)


    dumpcap: -q option behavior doesn't match documentation. (Bug 5716)




    New Vulnerabilities

    • Vulnerability ID – WIRESHARKv1.4.4


    Changed Vulnerabilities

    • Vulnerability ID – WIRESHARKv1.4.3 (Added the replacement information.)



    New Patch Downloads

    • wireshark-win32-1.4.4.exe
    • wireshark-win64-1.4.4.exe


    Where to Send Feedback

    At LANDesk, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.


    Best regards,

    LANDesk Product Support


    Copyright © 2011 LANDesk Software.  All rights reserved. LANDesk is either a registered trademark or trademark of LANDesk Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.


    Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. LANDesk disclaims any liability with respect to this document and LANDesk has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit