WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture. WinPcap consists of a driver, that extends the operating system to provide low-level network access, and a library that is used to easily access the low-level network layers. This library also contains the Windows version of the well known libpcap Unix API.
Changelog:
- Disabled support for monitor mode (also called TME, Table Management Extensions) in the driver. This module suffers from several security vulnerabilities that could result in BSODs or privilege escalation attacks. This fix addresses a security vulnerability reported by the iDefense Labs.
- Bug fixing:
- Added a missing NULL pointer check in pcap_open()
- Fixed a misplaced #ifdef WIN32 directive in pcap_open().
- Fixed a bug in the send routine of the driver that could cause a crash under low resources conditions.
- Fixed a bug in the installer causing a mis-detection of a previous WinPcap installation
- Minor cleanup of some #define directives in the driver (to disable the TME extensions).