Wireshark 4.0.4

Wireshark, One of the world’s most popular network packet analyzers released a new version of 4.0.4 with new enhancements, updated protocol support, and bug fixes.

Wireshark is widely used all over the world as one of the most popular tools for analyzing network protocols and is used for several purposes.

The last version of Wireshark 4.0.0 was released on October 2022 and this is the first update in 2023.

Wireshark packet analyzer is used by network administrators and security analysts to analyze packets of information within a network and troubleshoot problems that may arise. A wide range of organizations uses this tool to manage their business activities.


The Wireshark packet analyzer is available for a number of different operating systems, including the following:-

  • Windows
  • Linux
  • macOS
  • BSD

Wireshark 4.0.4 – What’s New!

Here is the list of changes that come with the new Wireshark 4.0.0 version;

Updated Protocol Support

ASTERIX, BGP, DHCP, ERF, F5 Ethernet trailer, GMR-1 RR, Gryphon, GSM SMS, H.261, H.450, ISO 10681, ISO 15765, MIPv6, NAS-5gs, NR RRC, NS Trace, OptoMMP, PDCP-LTE, PDCP-NR, QSIG, ROHC, RSVP, RTCP, SCTP, SIP, TCP, TECMP, TWAMP, UDS, and UMTS RLC.

Vulnerability Fix:

Wireshark released fixes wnpa-sec-2023-08 bug that leads to ISO 15765 and ISO 10681 dissector crashes.

This vulnerability allows ISO15765 and ISO10681 dissectors to corrupt memory and it leads to crashes in Wireshark 4.0.0 and users may experience handing (Wireshark 3.6).

  • Name: ISO 15765 and ISO 10681 dissector crash
  • Docid: wnpa-sec-2023-08
  • Date: March 2, 2023
  • Affected versions: 4.0.0 to 4.0.3, 3.6.0 to 3.6.11
  • Fixed versions: 4.0.4, 3.6.12

Bug Fixes:

  • UTF-8 characters end up escaping in PSML output. Issue 10445.
  • Export filtered displayed packets won’t save IP fragments of SCTP fragments needed to reassemble a displayed frame. Issue 12597.
  • DICOM dissection in reassembled PDV goes wrong. Issue 13388.
  • “Export Objects – IMF” produces an incorrect file, and TCP reassembly fails with retransmissions that have additional data. Issue 13523.
  • The intelligent scroll bar or minimap is not predictable on locating and scrolling. Issue 13989.
  • If you mark (or unmark) the currently-selected frame, the packet details still say it’s not marked (or it is marked) Issue 14330.
  • An out-of-order packet incorrectly detected as retransmission breaks the desegmentation of the TCP stream. Issue 15993.
  • The sorting Packet Loss Column is not sorting correct. Issue 16785.
  • Some HTTPS packets cannot be decrypted. Issue 17406.
  • SIP TCP decoding regression from Wireshark 1.99.0 to 3.6.8. Issue 18411.
  • Frame comments not preserved when using filter to write new pcap from tshark. Issue 18693.
  • ChmodBPF not working on macOS Ventura 13.1. Issue 18734.
  • Wireshark GUI and window manager stuck after setting the display filter. Issue 18809.
  • Dissector bug, protocol H.261. Issue 18812.
  • File extension heuristics are case-sensitive. Issue 18821.
  • Symbolic links to packages in macOS dmg can’t be double-clicked to install on macOS 13.2. Issue 18830.
  • Potential memory leak in tshark.c. Issue 18837.
  • Fuzz job crash output: fuzz-2023-02-05-7303.pcap. Issue 18842.
  • f5fileinfo: Hardware platforms missing descriptions. Issue 18848.
  • The lines in the intelligent scrollbar are off by one. Issue 18850.
  • Wireshark crashes on invalid UDS packet in Lua context. Issue 18865.
  • TECMP dissector shows the wrong Voltage in Vendor Data. Issue 18871.
  • UDS: Names of RDTCI subfunctions 0x0b …​ 0x0e are not correct. Issue 18873.

Download the latest version of the application from the link here.

Wireshark Training: 

Complete Wireshark Network Analysis Bundle – 30 hours of Hands-on course provides complete network analysis Training

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.