Wireshark 2.6.5 Released with Many Vulnerabilities / Bugs Fixed


The popular network packet analyzer Wireshark released version 2.6.5 yesterday afternoon with numerous bug-fixes.

Following vulnerabilities, bugs has been fixed in Wireshark 2.6.5:

  • The Wireshark dissection engine could crash.
  • The DCOM dissector could crash.
  • The LBMPDM dissector could crash.
  • The MMSE dissector could go into an infinite loop.
  • The IxVeriWave file parser could crash.
  • The PVFS dissector could crash.
  • The ZigBee ZCL dissector could crash.
  • VoIP Calls dialog doesn’t include RTP stream when preparing a filter.
  • Closing Enabled Protocols dialog crashes wireshark.
  • Unable to Export Objects → HTTP after sorting columns.
  • DNS Response to NS query shows as malformed packet.
  • Encrypted Alerts corresponds to a wrong selection in the packet bytes pane.
  • ESP will not decode since 2.6.2 – works fine in 2.4.6 or 2.4.8.
  • Wireshark tries to decode EAP-SIM Pseudonym Identity.
  • Infinite read loop when extcap exits with error and error message.
  • OPC UA Max nesting depth exceeded for valid packet.
  • TShark 2.6 does not print GeoIP information.
  • ISUP (ANSI) packets malformed in WS versions later than 2.4.8.
  • Handover candidate enquire message not decoded.
  • TShark piping output in a cmd or PowerShell prompt stops working when GeoIP is enabled.
  • ICMPv6 with routing header incorrectly placed.
  • IEEE 802.11 Vendor Specific fixed fields display as malformed packets.
  • text2pcap -4 and -6 option should require -i as well.
  • text2pcap direction sensitivity does not affect dummy ethernet addresses.
  • MLE security suite display incorrect.
  • Message for incorrect IPv4 option lengths is incorrect.
  • TACACS+ dissector does not properly reassemble large accounting messages.
  • NLRI of S-PMSI A-D BGP route not being displayed.

Install Wireshark 2.6.5 in Ubuntu:

Balint Reczey maintains the Wireshark packages for Ubuntu. The new 2.6.5 package will be published in Ubuntu universe repository.

Make sure the security and updates repositories are enabled in Software & Updates -> Updates.

Once the new release package is published, you’ll receive Wireshark updates through Software Updater.