From the advisory: On Nov 2008, Security Vulnerability Research Team of Bkis (SVRT-Bkis) has detected a vulnerability underlying WireShark 1.0.4 (lastest version). The flaw is in the function processing SMTP protocol and enables hacker to perform a DoS attack by sending a SMTP request with large content to port 25. The application then enter a large loop and cannot do anything else. We have contacted the vendor of Wireshark. They fixed this vulnerability for Wireshark 1.0.5 but they haven't released the official version yet. Details is here : http://wiki.wireshark.org/Development/Roadmap
1.0.5 out, but has some build problems, so I'll bump it as soon as I'll manage to resolve them.
New version is in the tree.
Arches, please test and mark stable net-analyzer/wireshark-1.0.5. Target keywords: "alpha amd64 hppa ia64 ppc ppc64 sparc x86 ~x86-fbsd"
sparc stable
minor doc-issues: dodoc: READMEbsd does not exist dodoc: READMElinux does not exist dodoc: READMEmacos does not exist dodoc: READMEvmware does not exist >>> Completed installing wireshark-1.0.5 into /var/tmp/portage/net-analyzer/wireshark-1.0.5/image/
amd64/x86 stable
Stable on alpha.
(In reply to comment #5) > dodoc: READMEbsd does not exist It was fixed in 1.1.x long time ago but seems that I forgot about stable. Thanks for notice. Fixed in 1.0.5 too.
Stable for HPPA.
ia64 stable
ppc64 done
ppc stable
GLSA together with #242996.
CVE-2008-6472 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6472): The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors.
GLSA 200906-05, thanks everyone