Wireshark 1.4.3 released
Wireshark is a popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.
Wireshark 1.4.3 fixes the following vulnerabilities:
FRAsse discovered that the MAC-LTE dissector could overflow a buffer. Versions affected: 1.2.0 to 1.2.13 and 1.4.0 to 1.4.2.
FRAsse discovered that the ENTTEC dissector could overflow a buffer. Versions affected: 1.2.0 to 1.2.13 and 1.4.0 to 1.4.2. CVE-2010-4538
The ASN.1 BER dissector could assert and make Wireshark exit prematurely. Versions affected: 1.4.0 to 1.4.2.
It may be possible to make Wireshark crash by injecting a series of malformed packets onto the wire or by convincing someone to read a malformed packet trace file.