Security Advisories

The following Wireshark releases fix serious security vulnerabilities. If you are running a vulnerable version of Wireshark you should consider upgrading.

2014

wnpa-sec-2014-07. Frame metadissector crash. Fixed in 1.10.8.
wnpa-sec-2014-06. RTP dissector crash. Fixed in 1.10.7.
wnpa-sec-2014-05. Libpcap file parser crash. Fixed in 1.10.4.
wnpa-sec-2014-04. MPEG file parser buffer overflow. Fixed in 1.10.6, 1.8.13.
wnpa-sec-2014-03. RLC dissector crash. Fixed in 1.10.6, 1.8.13.
wnpa-sec-2014-02. M3UA dissector crash. Fixed in 1.10.6.
wnpa-sec-2014-01. NFS dissector crash. Fixed in 1.10.6, 1.8.13.

2013

wnpa-sec-2013-68. NTLMSSP v2 dissector crash. Fixed in 1.10.4, 1.8.12.
wnpa-sec-2013-67. BSSGP dissector crash. Fixed in 1.10.4.
wnpa-sec-2013-66. SIP dissector infinite loop. Fixed in 1.10.4, 1.8.12.
wnpa-sec-2013-65. TCP dissector crash. Fixed in 1.10.3, 1.8.11.
wnpa-sec-2013-64. ActiveMQ OpenWire dissector large loop. Fixed in 1.10.3, 1.8.11.
wnpa-sec-2013-63. SIP dissector crash. Fixed in 1.10.2, 1.8.10.
wnpa-sec-2013-62. NBAP dissector crash. Fixed in 1.10.3, 1.8.11.
wnpa-sec-2013-61. IEEE 802.15.4 dissector crash. Fixed in 1.10.3, 1.8.11.
wnpa-sec-2013-60. Netmon file parser crash. Fixed in 1.10.2, 1.8.10.
wnpa-sec-2013-59. LDAP dissector crash. Fixed in 1.10.2, 1.8.10.
wnpa-sec-2013-58. MQ dissector crash. Fixed in 1.10.2, 1.8.10.
wnpa-sec-2013-57. RTPS dissector buffer overflow. Fixed in 1.10.2, 1.8.10.
wnpa-sec-2013-56. ASSA R3 dissector infinite loop. Fixed in 1.10.2, 1.8.10.
wnpa-sec-2013-55. NBAP dissector crash. Fixed in 1.10.2, 1.8.10.
wnpa-sec-2013-54. Bluetooth HCI ACL dissector crash. Fixed in 1.10.2.
wnpa-sec-2013-53. PROFINET Real-Time dissector crash. Fixed in 1.10.1.
wnpa-sec-2013-52. ASN.1 PER dissector crash. Fixed in 1.10.1, 1.8.9.
wnpa-sec-2013-51. Netmon file parser crash. Fixed in 1.10.1, 1.8.9.
wnpa-sec-2013-50. GSM A Common dissector crash. Fixed in 1.10.1, 1.8.9.
wnpa-sec-2013-49. GSM RR dissector large loop. Fixed in 1.10.1, 1.8.9.
wnpa-sec-2013-48. DVB-CI dissector crash. Fixed in 1.10.1, 1.8.9.
wnpa-sec-2013-47. DIS dissector large loop. Fixed in 1.10.1, 1.8.9.
wnpa-sec-2013-46. Bluetooth OBEX dissector infinite loop. Fixed in 1.10.1.
wnpa-sec-2013-45. Bluetooth SDP dissector large loop. Fixed in 1.10.1, 1.8.9.
wnpa-sec-2013-44. DCOM ISystemActivator dissector crash. Fixed in 1.10.1.
wnpa-sec-2013-43. Radiotap dissector crash. Fixed in 1.10.1.
wnpa-sec-2013-42. P1 dissector crash. Fixed in 1.10.1.
wnpa-sec-2013-41. DCP ETSI dissector crash. Fixed in 1.10.1, 1.8.8, 1.6.16.
wnpa-sec-2013-40. Ixia IxVeriWave file parser crash. Fixed in 1.8.8.
wnpa-sec-2013-39. HTTP dissector crash. Fixed in 1.8.8, 1.6.16.
wnpa-sec-2013-38. Assa Abloy R3 dissector DOS. Fixed in 1.8.8.
wnpa-sec-2013-37. GSM CBCH dissector crash. Fixed in 1.8.8.
wnpa-sec-2013-36. RDP dissector crash. Fixed in 1.8.8.
wnpa-sec-2013-35. NBAP dissector crash. Fixed in 1.8.8.
wnpa-sec-2013-34. PPP dissector crash. Fixed in 1.8.8.
wnpa-sec-2013-33. GMR-1 BCCH dissector crash. Fixed in 1.8.8.
wnpa-sec-2013-32. CAPWAP dissector crash. Fixed in 1.8.8, 1.6.16.
wnpa-sec-2013-31. ETCH dissector large loop. Fixed in 1.8.7.
wnpa-sec-2013-30. MySQL dissector infinite loop. Fixed in 1.8.7.
wnpa-sec-2013-29. Websocket dissector crash. Fixed in 1.8.7.
wnpa-sec-2013-28. MPEG DSM-CC dissector crash. Fixed in 1.8.7.
wnpa-sec-2013-27. DCP ETSI dissector crash. Fixed in 1.8.7.
wnpa-sec-2013-26. PPP CCP dissector crash. Fixed in 1.8.7.
wnpa-sec-2013-25. ASN.1 BER dissector crash. Fixed in 1.8.7, 1.6.15.
wnpa-sec-2013-24. GTPv2 dissector crash. Fixed in 1.8.7.
wnpa-sec-2013-23. RELOAD dissector infinite loop. Fixed in 1.8.7.
wnpa-sec-2013-22. DTLS dissector crash. Fixed in 1.8.6, 1.6.14.
wnpa-sec-2013-21. RELOAD dissector infinite loop. Fixed in 1.8.6.
wnpa-sec-2013-20. FCSP dissector infinite loop. Fixed in 1.8.6, 1.6.14.
wnpa-sec-2013-19. CIMD dissector crash. Fixed in 1.8.6, 1.6.14.
wnpa-sec-2013-18. ACN dissector divide by zero. Fixed in 1.8.6, 1.6.14.
wnpa-sec-2013-17. AMQP dissector infinite loop. Fixed in 1.8.6, 1.6.14.
wnpa-sec-2013-16. Mount dissector crash. Fixed in 1.8.6, 1.6.14.
wnpa-sec-2013-15. RTPS and RTPS2 dissector crash. Fixed in 1.8.6, 1.6.14.
wnpa-sec-2013-14. MPLS Echo dissector infinite loop. Fixed in 1.8.6.
wnpa-sec-2013-13. MS-MMS dissector crash. Fixed in 1.8.6, 1.6.14.
wnpa-sec-2013-12. CSN.1 dissector crash. Fixed in 1.8.6.
wnpa-sec-2013-11. HART/IP dissector infinite loop. Fixed in 1.8.6.
wnpa-sec-2013-10. TCP dissector crash. Fixed in 1.8.6.
wnpa-sec-2013-09. NTLMSSP dissector overflow. Fixed in 1.8.5, 1.6.13.
wnpa-sec-2013-08. Wireshark dissection engine crash. Fixed in 1.8.5, 1.6.13.
wnpa-sec-2013-07. DCP-ETSI dissector crash. Fixed in 1.8.5, 1.6.13.
wnpa-sec-2013-06. ROHC dissector crash. Fixed in 1.8.5.
wnpa-sec-2013-05. DTLS dissector crash. Fixed in 1.8.5, 1.6.13.
wnpa-sec-2013-04. MS-MMC dissector crash. Fixed in 1.8.5, 1.6.13.
wnpa-sec-2013-03. DTN dissector crash. Fixed in 1.8.5, 1.6.13.
wnpa-sec-2013-02. CLNP dissector crash. Fixed in 1.8.5, 1.6.13.
wnpa-sec-2013-01. Infinite and large loops in several dissectors. Fixed in 1.8.5, 1.6.13.

2012

wnpa-sec-2012-40. Wireshark ICMPv6 dissector infinite loop. Fixed in 1.8.4, 1.6.12.
wnpa-sec-2012-39. Wireshark 3GPP2 A11 dissector infinite loop. Fixed in 1.8.4.
wnpa-sec-2012-38. Wireshark RTCP dissector infinite loop. Fixed in 1.8.4, 1.6.12.
wnpa-sec-2012-37. Wireshark WTP dissector infinite loop. Fixed in 1.8.4, 1.6.12.
wnpa-sec-2012-36. Wireshark iSCSI dissector infinite loop. Fixed in 1.8.4, 1.6.12.
wnpa-sec-2012-35. Wireshark ISAKMP dissector crash. Fixed in 1.8.4, 1.6.12.
wnpa-sec-2012-34. Wireshark EIGRP dissector infinite loop. Fixed in 1.8.4.
wnpa-sec-2012-33. Wireshark SCTP dissector infinite loop. Fixed in 1.8.4.
wnpa-sec-2012-32. Wireshark sFlow dissector infinite loop. Fixed in 1.8.4.
wnpa-sec-2012-31. Wireshark USB dissector infinite loop. Fixed in 1.8.4, 1.6.12.
wnpa-sec-2012-30. Wireshark pcap-ng host name disclosure. Fixed in 1.8.4.
wnpa-sec-2012-29. Wireshark LDP dissector buffer overflow. Fixed in 1.8.3.
wnpa-sec-2012-28. Wireshark DRDA dissector infinite loop. Fixed in 1.8.3, 1.6.11.
wnpa-sec-2012-27. Wireshark PPP dissector crash. Fixed in 1.8.3.
wnpa-sec-2012-26. Wireshark HSRP dissector infinite loop. Fixed in 1.8.3.
wnpa-sec-2012-25. Wireshark Ixia IxVeriWave file parser buffer overflow. Fixed in 1.8.2.
wnpa-sec-2012-24. Wireshark pcap-ng file parser zero division. Fixed in 1.8.2.
wnpa-sec-2012-23. Wireshark CTDB dissector large loop. Fixed in 1.8.2, 1.6.10, 1.4.15.
wnpa-sec-2012-22. Wireshark EtherCAT Mailbox dissector abort. Fixed in 1.8.2, 1.6.10, 1.4.15.
wnpa-sec-2012-21. Wireshark STUN dissector crash. Fixed in 1.8.2, 1.6.10, 1.4.15.
wnpa-sec-2012-20. Wireshark CIP dissector memory exhaustion. Fixed in 1.8.2, 1.6.10, 1.4.15.
wnpa-sec-2012-19. Wireshark GSM RLC MAC dissector buffer overflow. Fixed in 1.8.2, 1.6.10.
wnpa-sec-2012-18. Wireshark RTPS2 dissector buffer overflow. Fixed in 1.8.2, 1.6.10, 1.4.15.
wnpa-sec-2012-17. Wireshark AFP dissector large loop. Fixed in 1.8.2, 1.6.10, 1.4.15.
wnpa-sec-2012-16. Wireshark ERF dissector flaws. Fixed in 1.8.2.
wnpa-sec-2012-15. Wireshark XTP dissector large loop. Fixed in 1.8.2, 1.6.10, 1.4.15.
wnpa-sec-2012-14. Wireshark MongoDB large loop. Fixed in 1.8.2.
wnpa-sec-2012-13. Wireshark DCP ETSI zero division. Fixed in 1.8.2, 1.6.10, 1.4.15.
wnpa-sec-2012-12. Large loop in the NFS dissector. Fixed in 1.8.1, 1.6.9, 1.4.14.
wnpa-sec-2012-11. PPP dissector crash. Fixed in 1.8.1, 1.6.9, 1.4.14.
wnpa-sec-2012-10. Wireshark memory alignment flaw. Fixed in 1.4.13, 1.6.8.
wnpa-sec-2012-09. Wireshark DIAMETER memory allocation flaw. Fixed in 1.4.13, 1.6.8.
wnpa-sec-2012-08. Infinite and large loops in many dissectors. Fixed in 1.4.13, 1.6.8.
wnpa-sec-2012-07. Wireshark MP2T memory allocation flaw. Fixed in 1.4.12, 1.6.6.
wnpa-sec-2012-06. Wireshark pcap and pcap-ng file format crash. Fixed in 1.4.12, 1.6.6.
wnpa-sec-2012-05. Wireshark 802.11 infinite loop. Fixed in 1.6.6.
wnpa-sec-2012-04. Wireshark ANSI A dissector crash. Fixed in 1.4.12, 1.6.6.
wnpa-sec-2012-03. Wireshark RLC dissector buffer overflow. Fixed in 1.4.11, 1.6.5.
wnpa-sec-2012-02. Wireshark NULL pointer vulnerabilities. Fixed in 1.4.11, 1.6.5.
wnpa-sec-2012-01. Multiple Wireshark file parser vulnerabilities. Fixed in 1.4.11, 1.6.5.

2011

wnpa-sec-2011-19. Wireshark ERF file parser vulnerability. Fixed in 1.6.3.
wnpa-sec-2011-18. Wireshark Infiniband dissector vulnerability. Fixed in 1.6.3.
wnpa-sec-2011-17. Wireshark CSN.1 dissector vulnerability. Fixed in 1.6.3.
wnpa-sec-2011-16. Wireshark CSN.1 dissector vulnerability. Fixed in 1.6.2.
wnpa-sec-2011-15. Wireshark Lua script execution vulnerability. Fixed in 1.6.2, 1.4.9.
wnpa-sec-2011-14. Wireshark buffer exception handling vulnerability. Fixed in 1.6.2.
wnpa-sec-2011-13. Wireshark IKE dissector vulnerability. Fixed in 1.6.2, 1.4.9.
wnpa-sec-2011-12. Wireshark OpenSafety dissector vulnerability. Fixed in 1.6.2.
wnpa-sec-2011-11. Lucent/Ascend file parser and ANSI MAP vulnerabilities in Wireshark. Fixed in 1.6.1.
wnpa-sec-2011-10. Lucent/Ascend file parser and ANSI MAP vulnerabilities in Wireshark. Fixed in 1.4.8.
wnpa-sec-2011-09. Lucent/Ascend file parser vulnerability in Wireshark. Fixed in 1.2.18.
wnpa-sec-2011-08. Multiple vulnerabilities in Wireshark. Fixed in 1.4.7.
wnpa-sec-2011-07. Multiple vulnerabilities in Wireshark. Fixed in 1.2.17.
wnpa-sec-2011-06. DECT, NFS, and X.509if vulnerabilities in Wireshark. Fixed in 1.4.5.
wnpa-sec-2011-05. X.509if vulnerability in Wireshark. Fixed in 1.2.16.
wnpa-sec-2011-04. MAC-LTE, ENTTEC, and ASN.1 BER vulnerabilities in Wireshark. Fixed in 1.4.4.
wnpa-sec-2011-03. Multiple vulnerabilities in Wireshark. Fixed in 1.2.15.
wnpa-sec-2011-02. MAC-LTE, ENTTEC, and ASN.1 BER vulnerabilities in Wireshark. Fixed in 1.4.3.
wnpa-sec-2011-01. MAC-LTE and ENTTEC vulnerabilities in Wireshark. Fixed in 1.2.14.

2010

wnpa-sec-2010-14. LDSS and ZigBee ZCL vulnerabilities in Wireshark. Fixed in 1.4.2.
wnpa-sec-2010-13. LDSS vulnerability in Wireshark. Fixed in 1.2.13.
wnpa-sec-2010-12. ASN.1 BER vulnerability in Wireshark. Fixed in 1.4.1.
wnpa-sec-2010-11. Vulnerabilities in Wireshark. Fixed in 1.2.12.
wnpa-sec-2010-10. DLL hijacking vulnerability in Wireshark. Fixed in 1.2.11.
wnpa-sec-2010-09. DLL hijacking vulnerability in Wireshark. Fixed in 1.0.16.
wnpa-sec-2010-08. Multiple vulnerabilities in Wireshark. Fixed in 1.2.10.
wnpa-sec-2010-07. Vulnerabilities in Wireshark. Fixed in 1.0.15.
wnpa-sec-2010-06. Multiple vulnerabilities in Wireshark. Fixed in 1.2.9.
wnpa-sec-2010-05. Multiple vulnerabilities in Wireshark. Fixed in 1.0.14.
wnpa-sec-2010-04. DOCSIS vulnerabilities in Wireshark. Fixed in 1.2.8.
wnpa-sec-2010-03. DOCSIS vulnerabilities in Wireshark. Fixed in 1.0.13.
wnpa-sec-2010-02. LWRES vulnerability in Wireshark. Fixed in 1.2.6.
wnpa-sec-2010-01. Multiple vulnerabilities in Wireshark. Fixed in 1.0.11.

2009

wnpa-sec-2009-09. Multiple vulnerabilities in Wireshark. Fixed in 1.2.5.
wnpa-sec-2009-08. Multiple vulnerabilities in Wireshark. Fixed in 1.0.10.
wnpa-sec-2009-07. Multiple vulnerabilities in Wireshark. Fixed in 1.2.3.
wnpa-sec-2009-06. Multiple vulnerabilities in Wireshark. Fixed in 1.2.2.
wnpa-sec-2009-05. Multiple vulnerabilities in Wireshark. Fixed in 1.0.9.
wnpa-sec-2009-04. Multiple vulnerabilities in Wireshark. Fixed in 1.2.1.
wnpa-sec-2009-03. PCNFSD vulnerability in Wireshark. Fixed in 1.0.8.
wnpa-sec-2009-02. Multiple problems in Wireshark. Fixed in 1.0.7.
wnpa-sec-2009-01. Multiple problems in Wireshark. Fixed in 1.0.6.

2008

wnpa-sec-2008-07. Multiple problems in Wireshark. Fixed in 1.0.5.
wnpa-sec-2008-06. Multiple problems in Wireshark. Fixed in 1.0.4.
wnpa-sec-2008-05. Multiple problems in Wireshark. Fixed in 1.0.3.
wnpa-sec-2008-04. Multiple problems in Wireshark. Fixed in 1.0.2.
wnpa-sec-2008-03. Multiple problems in Wireshark. Fixed in 1.0.1.
wnpa-sec-2008-02. Multiple problems in Wireshark. Fixed in 1.0.0.
wnpa-sec-2008-01. Multiple problems in Wireshark (formerly Ethereal). Fixed in 0.99.8.

2007

wnpa-sec-2007-03. Multiple problems in Wireshark (formerly Ethereal). Fixed in 0.99.7.
wnpa-sec-2007-02. Multiple problems in Wireshark (formerly Ethereal). Fixed in 0.99.6.
wnpa-sec-2007-01. Multiple problems in Wireshark (formerly Ethereal). Fixed in 0.99.5.

2006

wnpa-sec-2006-03. Multiple problems in Wireshark (formerly Ethereal). Fixed in 0.99.4.
wnpa-sec-2006-02. Multiple problems in Wireshark (Ethereal). Fixed in 0.99.3.
wnpa-sec-2006-01. Multiple problems in Ethereal. Fixed in 0.99.2.

Reporting Security Problems

If you've found a security problem with Wireshark we want to hear about it. You can let us know about security-related issues via the following channels:

Email. security[AT]wireshark.org. In cases where confidentiality is a concern, you can use our GPG key (id 0x21F2949A).

Web. Our bug tracking system. Bugs can be marked private if needed.
