Wireshark 1.2.9 (32-bit)

Wireshark is the world's foremost network protocol analyzer, and is the de facto standard across many industries and educational institutions.

* Deep inspection of hundreds of protocols, with more being added all the time
* Live capture and offline analysis
* Standard three-pane packet browser
* Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
* Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
* The most powerful display filters in the industry
* Rich VoIP analysis
* Read/write many different capture file formats
* Capture files compressed with gzip can be decompressed on the fly
* Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platfrom)
* Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
* Coloring rules can be applied to the packet list for quick, intuitive analysis
* Output can be exported to XML, PostScript®, CSV, or plain text

Title: Wireshark 1.2.9 (32-bit)
Filename: wireshark-win32-1.2.9.exe
File size: 17.29MB (18,125,552 bytes)
Requirements: Windows 2000 / XP / 2003 / Vista / Windows7
Languages: en-US
License: Open Source
Date added: June 10, 2010
Author: Wireshark.org
www.wireshark.org

Change Log:

# The following vulnerabilities have been fixed.

* The SMB dissector could dereference a NULL pointer. (Bug 4734)
- Versions affected: 0.99.6 to 1.0.13, 1.2.0 to 1.2.8
* J. Oquendo discovered that the ASN.1 BER dissector could overrun the stack.
- Versions affected: 0.10.13 to 1.0.13, 1.2.0 to 1.2.8
* The SMB PIPE dissector could dereference a NULL pointer on some platforms.
- Versions affected: 0.8.20 to 1.0.13, 1.2.0 to 1.2.8
* The SigComp Universal Decompressor Virtual Machine could go into an infinite loop. (Bug 4826)
- Versions affected: 0.10.7 to 1.0.13, 1.2.0 to 1.2.8
* The SigComp Universal Decompressor Virtual Machine could overrun a buffer. (Bug 4837)
- Versions affected: 0.10.8 to 1.0.13, 1.2.0 to 1.2.8

# The following bugs have been fixed:

* Cannot open file with File -> Open. (Bug 1791)
* Application crash when changing real-time option. (Bug 4035)
* Crash in filter autocompletion. (Bug 4306)
* The XML dissector doesn't allow dots (".") in tags. (Bug 4405)
* Live capture stops when using zlib 1.2.5. (Bug 4708)
* Want to be able to apply decode as to Data Portion of Lan Trace. (Bug 4721)
* SABP short pdu (packet_per.c). (Bug 4743)
* Kerberos pre-auth type constants - MS extensions are wrong. (Bug 4752)
* Check HTTP Content-Length parsing for overflow. (Bug 4758)
* Wrong variable used for proto_tree_add_text() in ptp dissector. (Bug 4773)
* Crash when close window frame of gtk file chooser. (Bug 4778)
* text2pcap expects \n delimited text (instead of \r\n) on win32. (Bug 4780)
* Wrong decoding for BGP ORF. (Bug 4782)
* Crash when Ctrl-Backspacing the display filter. (Bug 4797)
* Acker AFI field incorrect size in PGM dissector. (Bug 4798)
* Fedora 13: wireshark fails to build (linking problem). (Bug 4815)
* The NFS FH hash (nfs.fh.hash) incorrectly matches multiple filehandles. (Bug 4839)
* AES-CTR decoding not working, (dissectors/packet_ipsec.c using gcrypt). (Bug 4838)

# Updated Protocol Support

* ASN.1 BER, BGP, HTTP, IGMP, IPsec, Kerberos, NFS, PGM, PTP, SABP, SigComp, SMB, TCAP, XML,

# Updated Capture File Support

* ERF, PacketLogger.