When I update Wireshark from 1.8.2 to 1.10.0, all the mongodb query can be showed clearly in version 1.8.2 can not be shown correctly, all the mongo queries were showed as [Malformed Packet: MONGO](Both in ubuntu and windows). The mongodb reply also work as in both version 1.8.2 and 1.10.0. asked 22 Jul '13, 10:12  ricky edited 22 Jul '13, 11:48  Guy Harris ♦♦ |
One Answer:
Probably a bug in the MongoDB dissector introduced in 1.10. File a bug at the Wireshark bugzilla; please attach a capture file showing the problem if you possibly can. answered 22 Jul '13, 11:49 Guy Harris ♦♦ |
Seems to be a bug in 1.10.0. You can test it with the following file