Good to know that.
2007/11/16, Gianluca Varenni <gianluca.varenni@xxxxxxxxxxxx>:
> As of today, WinPcap 4.1 beta2 is available in the download section of
> the WinPcap website, http://www.winpcap.org/install/ .
>
> This new software release includes several improvements and changes to
> both the library itself and its developer's pack. First of all, it
> fixes a security vulnerability in the kernel driver reported by the
> iDefense Labs in the security advisory available at
> http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625
>
> It also includes the latest available snapshot of libpcap (1.0
> branch).
> >From the developer's point of view, this version ships with a cleaned
> up update of the developer's pack. Some header files that were wrongly
> included in the old developer's pack (including some coming from the
> Microsoft platform SDK) have been removed. Other files have been
> consolidated or split into internal header files (used for the build
> of the binaries) and public header files.
> Full details can be found in the change log attached at the end of
> this message.
>
> Being a beta release, as usual, we encourage people to test it and
> report any anomaly or strange behavior to the WinPcap mailing lists.
>
> In particular, we strongly encourage all the developers to try
> compiling all their WinPcap-based applications against the new WinPcap
> developer's pack and report any compilation issue to the winpcap-bugs
> mailing list (winpcap-bugs<AT>winpcap.org).
>
> Gianluca Varenni
> WinPcap Team
>
>
>
> Changelog from WinPcap 4.0.1
> ============================
>
> - Disabled support for monitor mode (also called TME, Table Management
> Extensions) in the driver. This module suffers from several security
> vulnerabilities that could result in BSODs or privilege escalation
> attacks. This fix addresses a security vulnerability reported by the
> iDefense Labs at
> http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625
>
> - Added a small script to integrate the libpcap sources into the
> WinPcap tree automatically.
>
> - Moved the definition of all the I/O control codes to ioctls.h.
>
> - Cleaned up and removed some build scripts for the developer's pack.
>
> - Migrated the driver compilation environment to WDK 6000.
>
> - Enabled PreFAST driver compilation for the x64 build.
>
> - Added some doxygen directives to group the IOCTL codes and JIT
> definitions in proper groups.
>
> - Integrated the IOCTL codes into one single set shared by packet.dll
> and driver.
>
> - Modified the installer to return the win32 error code instead of -1
> in case of failure in the error messages.
>
> - Added some #define directives to selectively disable the TME
> functionality for WAN (i.e. Netmon-assisted) devices.
>
> - Added a VS2005 project to easily edit the files of the driver.
>
> - Removed some useless #include directives in the driver and
> packet.dll.
>
> - Migrated several conditional directives (#ifdef/#endif) to the
> defines of the DDK/WDK e.g. _X86_ and _AMD64_.
>
> - Added a check to warn users that remote-ext.h should not be included
> directly.
>
> - Removed ntddndis.h from the WinPcap sources. It's included into the
> Microsoft Platform SDK.
>
> - Removed devioctl.h from the WinPcap sources. It's included into the
> Microsoft DDK/WDK.
>
> - Removed ntddpack.h from the WinPcap sources. It's an old header file
> from the original DDK Packet sample, and it's not used by WinPcap.
>
> - Removed several useless files from the WinPcap developer's pack:
> + all the TME extension header files
> + devioctl.h
> + gnuc.h
> + ntddndis.h
> + ntddpack.h
> + pcap-int.h.
>
> - Bug fixing:
> + Fixed a possible buffer overrun on x64 machines with more that 32
> CPUs/cores.
> + Fixed an implicit cast problem compiling the driver on x64.
> + Fixed a bug in the installer causing a mis-detection of a previous
> WinPcap installation.
> + Fixed two bugs related to memory deallocation in packet.dll. We
> were using free() instead of GlobalFreePtr(), and there was a
> missing check as to when to deallocate a chunk of memory.
> + Added a missing NULL pointer check in pcap_open().
> + Moved a misplaced #ifdef WIN32 in pcap_open().
> + Fixed a bug in the send routine of the driver that could cause a
> crash under low resources conditions.
>
> =========
>
> _______________________________________________
> Wireshark-users mailing list
> Wireshark-users@xxxxxxxxxxxxx
> http://www.wireshark.org/mailman/listinfo/wireshark-users
>
>
>
--
I want to be an expert.
I want to be a professional.
