Download Wireshark 2.4.4

Version 2.4.4 of the open source protocol analyzer and packet niffer Wireshark has been released. With this program, various data packets and network protocols on the network can be analyzed. The program can also use previously saved data traffic as input. Wireshark runs on Windows, Linux, and macOS, with separate downloads for 32bit and 64bit versions of the operating systems. The following changes and improvements have been made in this release:

The following bugs have been fixed:

• wnpa-sec-2018-01: Multiple dissectors could crash. (Bug 14253) CVE-2018-5336
• wnpa-sec-2018-03: The IxVeriWave file parser could crash. (Bug 14297) CVE-2018-5334
• wnpa-sec-2018-04: The WCP dissector could crash. (Bug 14251) CVE-2018-5335

Prior to this release dumpcap enabled the Linux kernel’s BPF JIT compiler via the net.core.bpf_jit_enable sysctl. This could make systems more vulnerable to Specter variant 1 (CVE-2017-5753) and this feature has been removed (Bug 14313).

• Some keyboard shortcut mix-up has been resolved by assigning new shortcuts to Edit → Copy methods.
• Remote interfaces are not saved. (Bug 8557)
• Additional grouping in Expert Information dialog. (Bug 11753)
• First start with non-empty extcap folder after install or reboot hangs at “initializing tap listeners”. (Bug 12845)
• Can’t hide expert categories in Expert Information. (Bug 13831)
• Expert info dialog should have “Collapse All”/”Expand All” options. (Bug 13842)
• SIP Statistics extract does not work. (Bug 13942)
• Service Response Time – SCSI dialog crashes. (Bug 14144)
• Wireshark & ​​Tshark 2.4.2 core dumps with segmentation fault. (Bug 14194)
• SSH remote capture promiscuous mode. (Bug 14237)
• SOCKS pseudo header displays incorrect Version value. (Bug 14262)
• Only first variable of list is dissected in NTP Control request message. (Bug 14268)
• NTP Authenticator field dissection fails if padding is used. (Bug 14269)
• BSSAP packet dissector issue – BSSAP_UPLINK_TUNNEL_REQUEST message. (Bug 14289)
• “[Malformed Packet]” for Mobile IP (MIP) protocol. (Bug 14292)
• There is a potential buffer underflow in File_read_line function in epan/wslua/wslua_file.c file. (Bug 14295)
• Saving a temporary capture file may not result in the temporary file being removed. (Bug 14298)

Updated Protocol Support

• Bluetooth
• BSSAP
• BT ATT
• BT HCI
• BT SMP
• MIP
• NTP
• SCTP
• SOCKS
• UDS
• WCP

New and Updated Capture File Support

• Ixia IxVeriWave

The following downloads are available:
Wireshark 2.4.4 for Windows (32bit)
Wireshark 2.4.4 for Windows (64 bit)
Wireshark 2.4.4 for PortableApps
Wireshark 2.4.4 for macOS 10.6 and above (64bit)
Wireshark 2.4.4 source code for Linux, Solaris and *BSD among others