Wireshark 1.4.2 - Free and open-source packet analyzer

Wireshark is the world's foremost network protocol analyzer, and is the de facto standard across many industries and educational institutions.

Features includes deep inspection of hundreds of protocols, with more being added all the time, Live capture and offline analysis, Standard three-pane packet browser, Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility, and Rich VoIP analysis.

Features
• Deep inspection of hundreds of protocols, with more being added all the time
• Live capture and offline analysis
• Standard three-pane packet browser
• Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
• Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
• The most powerful display filters in the industry
• Rich VoIP analysis
• Read/write many different capture file formats
• Capture files compressed with gzip can be decompressed on the fly
• Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platfrom)
• Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
• Coloring rules can be applied to the packet list for quick, intuitive analysis
• Output can be exported to XML, PostScript, CSV, or plain text

Download Wireshark 1.4.2
Download Wireshark 1.4.2 free from following website:
Download Wireshark 1.4.2 for Windows (32-bit)
Download Wireshark 1.4.2 for Windows (64-bit)
Download Wireshark 1.4.2 Portable Apps

What's New in Wireshark 1.4.2
Bug Fixes
The following vulnerabilities have been fixed. See the security advisory for details and a workaround.
- Nephi Johnson of BreakingPoint discovered that the LDSS dissector could overflow a buffer. (Bug 5318)
- Versions affected: 1.2.0 to 1.2.12 and 1.4.0 to 1.4.1.

- The ZigBee ZCL dissector could go into an infinite loop. (Bug 5303)
- Versions affected: 1.4.0 to 1.4.1.

The following bugs have been fixed:
The following bugs have been fixed:
- File-Open Display Filter is overwritten by Save-As Filename. (Bug 3894)
- Wireshark crashes with "Gtk-ERROR **: Byte index 6 is off the end of the line" if click on last PDU. (Bug 5285)
- GTK-ERROR can occur in packets when there are multiple Netbios/SMB headers in a single frame. (Bug 5289)
- "Tshark -G values" crashes on Windows. (Bug 5296)
- PROFINET I&M0FilterData packet not fully decoded. (Bug 5299)
- PROFINET MRP linkup/linkdown decoding incorrect. (Bug 5300)
- [lua] Dumper:close() will cause a segfault due later GC of the Dumper. (Bug 5320)
- Network Instruments' trace files sometimes cannot be read with an error message of "Observer: bad record: Invalid magic number". (Bug 5330)
- IO Graph Time of Day times incorrect for filtered data. (Bug 5340)
- Wireshark tools do not detect and read some ERF files correctly. (Bug 5344)
- "editcap -h" sends some lines to stderr and others to stdout. (Bug 5353)
- IP Timestamp Option: "flag=3" variant (prespecified) not displayed correctly. (Bug 5357)
- AgentX PDU Header 'hex field highlighting' incorrectly spans extra bytes. (Bug 5364)
- AgentX dissector cannot handle null OID in Open-PDU. (Bug 5368)
- Crash with "Gtk-ERROR **: Byte index 6 is off the end of the line". (Bug 5374)
- ANCP Portmanagment TLV wrong decoded. (Bug 5388)
- Crash during startup because of Python SyntaxError in wspy_libws.py. (Bug 5389)

Updated Protocol Support
AgentX, ANCP, DIAMETER, HTTP, IP, LDSS, MIME, NBNS, PROFINET, SIP, TCP, Telnet, ZigBee

New and Updated Capture File Support
Endace ERF, Network Instruments Observer.

Source
Wireshark 1.4.2 Release Notes

No comments: