From $URL: Wireshark 1.4.0, 1.2.x, and 1.0.x are vulnerable to a stack overflow in the BER dissector as described at http://seclists.org/bugtraq/2010/Sep/87 This has been fixed in r34111; this bug report exists mainly to get the sample capture that the NCNIPC sent into the fuzz menagerie.
Wireshark 1.2.12 has been released. http://www.wireshark.org/docs/relnotes/wireshark-1.2.12.html
Thank you Tim! 1.2.12 was just added to the tree. Arch teams, please, stabilize it. Note although upstream bug is still opened release notes mention this vulnerability to be fixed there.
amd64 done
Tested on x86 all good here.
ppc done
Stable for HPPA.
x86 stable, thanks David
Stable on alpha.
ia64/sparc stable
ppc64 done
Thanks, folks. GLSA together with bug 330479.
CVE-2010-3445 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3445): Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.
This issue was resolved and addressed in GLSA 201110-02 at http://security.gentoo.org/glsa/glsa-201110-02.xml by GLSA coordinator Alex Legler (a3li).