recog-intrigue 2.3.7 → 2.3.14

Sign up to get free protection for your applications and to get access to all the features.
Files changed (70) hide show
  1. checksums.yaml +4 -4
  2. data/.github/SECURITY.md +35 -0
  3. data/.gitignore +9 -0
  4. data/CONTRIBUTING.md +136 -37
  5. data/README.md +18 -16
  6. data/bin/recog_cleanup +16 -0
  7. data/bin/recog_standardize +30 -6
  8. data/cpe-remap.yaml +38 -1
  9. data/identifiers/README.md +9 -0
  10. data/identifiers/hw_device.txt +77 -0
  11. data/identifiers/hw_family.txt +96 -0
  12. data/identifiers/hw_product.txt +328 -0
  13. data/identifiers/os_architecture.txt +6 -6
  14. data/identifiers/os_device.txt +45 -3
  15. data/identifiers/os_family.txt +206 -41
  16. data/identifiers/os_product.txt +238 -17
  17. data/identifiers/service_family.txt +144 -57
  18. data/identifiers/service_product.txt +385 -83
  19. data/identifiers/vendor.txt +554 -68
  20. data/lib/recog/version.rb +1 -1
  21. data/requirements.txt +1 -1
  22. data/update_cpes.py +4 -1
  23. data/xml/apache_modules.xml +292 -5
  24. data/xml/apache_os.xml +41 -2
  25. data/xml/architecture.xml +11 -3
  26. data/xml/dns_versionbind.xml +200 -26
  27. data/xml/favicons.xml +1701 -0
  28. data/xml/ftp_banners.xml +256 -23
  29. data/xml/h323_callresp.xml +112 -12
  30. data/xml/hp_pjl_id.xml +47 -5
  31. data/xml/html_title.xml +1156 -70
  32. data/xml/http_cookies.xml +69 -11
  33. data/xml/http_servers.xml +1094 -107
  34. data/xml/http_wwwauth.xml +143 -27
  35. data/xml/imap_banners.xml +62 -13
  36. data/xml/ldap_searchresult.xml +81 -9
  37. data/xml/mdns_device-info_txt.xml +194 -17
  38. data/xml/mdns_workstation_txt.xml +4 -2
  39. data/xml/mysql_banners.xml +233 -40
  40. data/xml/mysql_error.xml +113 -6
  41. data/xml/nntp_banners.xml +10 -2
  42. data/xml/ntp_banners.xml +93 -9
  43. data/xml/operating_system.xml +90 -3
  44. data/xml/pop_banners.xml +87 -33
  45. data/xml/rsh_resp.xml +11 -2
  46. data/xml/rtsp_servers.xml +43 -23
  47. data/xml/sip_banners.xml +6 -11
  48. data/xml/sip_user_agents.xml +29 -2
  49. data/xml/smb_native_lm.xml +10 -2
  50. data/xml/smb_native_os.xml +80 -2
  51. data/xml/smtp_banners.xml +233 -13
  52. data/xml/smtp_debug.xml +6 -4
  53. data/xml/smtp_ehlo.xml +7 -5
  54. data/xml/smtp_expn.xml +13 -4
  55. data/xml/smtp_help.xml +23 -4
  56. data/xml/smtp_mailfrom.xml +5 -2
  57. data/xml/smtp_noop.xml +6 -5
  58. data/xml/smtp_quit.xml +5 -4
  59. data/xml/smtp_rcptto.xml +5 -2
  60. data/xml/smtp_rset.xml +4 -4
  61. data/xml/smtp_turn.xml +4 -4
  62. data/xml/smtp_vrfy.xml +14 -4
  63. data/xml/snmp_sysdescr.xml +741 -32
  64. data/xml/snmp_sysobjid.xml +47 -2
  65. data/xml/ssh_banners.xml +255 -81
  66. data/xml/telnet_banners.xml +503 -30
  67. data/xml/x11_banners.xml +26 -3
  68. data/xml/x509_issuers.xml +37 -13
  69. data/xml/x509_subjects.xml +214 -52
  70. metadata +12 -5
@@ -1,15 +1,18 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="snmp.sys_object_id" protocol="snmp" database_type="service">
3
3
  <!--
4
4
  SNMP fingerprint definitions for SysObjectIDs. These are matched against the value of the
5
5
  'sysObjectID' (OID 1.3.6.1.2.1.1.2) variable.
6
6
  -->
7
+
7
8
  <!--======================================================================
8
9
  MICROSOFT
9
10
  =======================================================================-->
11
+
10
12
  <!--
11
13
  These are baseline patterns that map to sysObjectID with their associated sysDescr.
12
14
  -->
15
+
13
16
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.[23] Hardware: x86.*Software: Windows NT Version 4\.0.*$">
14
17
  <description>Windows NT 4 on x86</description>
15
18
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 6 Model 8 Stepping 3 AT/AT COMPATIBLE - Software: Windows NT Version 4.0 (Build Number: 1381 Uniprocessor Free )</example>
@@ -21,6 +24,7 @@
21
24
  <param pos="0" name="os.arch" value="x86"/>
22
25
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_nt:4.0"/>
23
26
  </fingerprint>
27
+
24
28
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows 2000 Version 5\.0.*$">
25
29
  <description>Windows 2000 on x86</description>
26
30
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 4 Stepping 8 AT/AT COMPATIBLE - Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)</example>
@@ -30,6 +34,7 @@
30
34
  <param pos="0" name="os.arch" value="x86"/>
31
35
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
32
36
  </fingerprint>
37
+
33
38
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows 2000 Version 5\.0.*$">
34
39
  <description>Windows 2000 Datacenter on x86</description>
35
40
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 4 Stepping 8 AT/AT COMPATIBLE - Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)</example>
@@ -39,6 +44,7 @@
39
44
  <param pos="0" name="os.arch" value="x86"/>
40
45
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
41
46
  </fingerprint>
47
+
42
48
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 5\.2.*$">
43
49
  <description>Windows Server 2003 on x86</description>
44
50
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -48,6 +54,7 @@
48
54
  <param pos="0" name="os.arch" value="x86"/>
49
55
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
50
56
  </fingerprint>
57
+
51
58
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 5\.2.*$">
52
59
  <description>Windows Server 2003 Datacenter on x86</description>
53
60
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -57,6 +64,7 @@
57
64
  <param pos="0" name="os.arch" value="x86"/>
58
65
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
59
66
  </fingerprint>
67
+
60
68
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 5\.2.*$">
61
69
  <description>Windows Server 2003 on x86_64</description>
62
70
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -67,6 +75,7 @@
67
75
  <param pos="0" name="os.arch" value="x86_64"/>
68
76
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
69
77
  </fingerprint>
78
+
70
79
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 5\.2.*$">
71
80
  <description>Windows Server 2003 Datacenter on x86_64</description>
72
81
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -77,6 +86,7 @@
77
86
  <param pos="0" name="os.arch" value="x86_64"/>
78
87
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
79
88
  </fingerprint>
89
+
80
90
  <fingerprint pattern="^Microsoft Windows CE Version ([\d.]+).*$">
81
91
  <description>Windows CE</description>
82
92
  <example>Microsoft Windows CE Version 4.20 (Build 0)</example>
@@ -87,6 +97,7 @@
87
97
  <param pos="1" name="os.version"/>
88
98
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:{os.version}"/>
89
99
  </fingerprint>
100
+
90
101
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6001.*$">
91
102
  <description>Windows Server 2008 on x86</description>
92
103
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -96,6 +107,7 @@
96
107
  <param pos="0" name="os.arch" value="x86"/>
97
108
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
98
109
  </fingerprint>
110
+
99
111
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6001.*$">
100
112
  <description>Windows Server 2008 Datacenter on x86</description>
101
113
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -105,6 +117,7 @@
105
117
  <param pos="0" name="os.arch" value="x86"/>
106
118
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
107
119
  </fingerprint>
120
+
108
121
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6001.*$">
109
122
  <description>Windows Server 2008 on x86_64</description>
110
123
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -115,6 +128,7 @@
115
128
  <param pos="0" name="os.arch" value="x86_64"/>
116
129
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
117
130
  </fingerprint>
131
+
118
132
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6001.*$">
119
133
  <description>Windows Server 2008 Datacenter on x86_64</description>
120
134
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -125,6 +139,7 @@
125
139
  <param pos="0" name="os.arch" value="x86_64"/>
126
140
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
127
141
  </fingerprint>
142
+
128
143
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6002.*$">
129
144
  <description>Windows Server 2008 SP2 on x86</description>
130
145
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -135,6 +150,7 @@
135
150
  <param pos="0" name="os.arch" value="x86"/>
136
151
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
137
152
  </fingerprint>
153
+
138
154
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6002.*$">
139
155
  <description>Windows Server 2008 Datacenter SP2 on x86</description>
140
156
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -145,6 +161,7 @@
145
161
  <param pos="0" name="os.arch" value="x86"/>
146
162
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
147
163
  </fingerprint>
164
+
148
165
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6002.*$">
149
166
  <description>Windows Server 2008 SP2 on x86_64</description>
150
167
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -156,6 +173,7 @@
156
173
  <param pos="0" name="os.arch" value="x86_64"/>
157
174
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
158
175
  </fingerprint>
176
+
159
177
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6002.*$">
160
178
  <description>Windows Server 2008 Datacenter SP2 on x86_64</description>
161
179
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -167,6 +185,7 @@
167
185
  <param pos="0" name="os.arch" value="x86_64"/>
168
186
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
169
187
  </fingerprint>
188
+
170
189
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7600.*$">
171
190
  <description>Windows Server 2008 R2 on x86</description>
172
191
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -176,6 +195,7 @@
176
195
  <param pos="0" name="os.arch" value="x86"/>
177
196
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
178
197
  </fingerprint>
198
+
179
199
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7600.*$">
180
200
  <description>Windows Server 2008 Datacenter R2 on x86</description>
181
201
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -185,6 +205,7 @@
185
205
  <param pos="0" name="os.arch" value="x86"/>
186
206
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
187
207
  </fingerprint>
208
+
188
209
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7600.*$">
189
210
  <description>Windows Server 2008 R2 on x86_64</description>
190
211
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -195,6 +216,7 @@
195
216
  <param pos="0" name="os.arch" value="x86_64"/>
196
217
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
197
218
  </fingerprint>
219
+
198
220
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7600.*$">
199
221
  <description>Windows Server 2008 Datacenter R2 on x86_64</description>
200
222
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -205,6 +227,7 @@
205
227
  <param pos="0" name="os.arch" value="x86_64"/>
206
228
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
207
229
  </fingerprint>
230
+
208
231
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7601.*$">
209
232
  <description>Windows Server 2008 R2 SP1 on x86</description>
210
233
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -215,6 +238,7 @@
215
238
  <param pos="0" name="os.arch" value="x86"/>
216
239
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
217
240
  </fingerprint>
241
+
218
242
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7601.*$">
219
243
  <description>Windows Server 2008 Datacenter R2 SP1 on x86</description>
220
244
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -225,6 +249,7 @@
225
249
  <param pos="0" name="os.arch" value="x86"/>
226
250
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
227
251
  </fingerprint>
252
+
228
253
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7601.*$">
229
254
  <description>Windows Server 2008 R2 SP1 on x86_64</description>
230
255
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -236,6 +261,7 @@
236
261
  <param pos="0" name="os.arch" value="x86_64"/>
237
262
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
238
263
  </fingerprint>
264
+
239
265
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7601.*$">
240
266
  <description>Windows Server 2008 Datacenter R2 SP1 on x86_64</description>
241
267
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -247,6 +273,7 @@
247
273
  <param pos="0" name="os.arch" value="x86_64"/>
248
274
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
249
275
  </fingerprint>
276
+
250
277
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.2 \(Build 9200.*$">
251
278
  <description>Windows Server 2012 on x86_64</description>
252
279
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 6 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.2 (Build 9200 Multiprocessor Free)</example>
@@ -256,7 +283,9 @@
256
283
  <param pos="0" name="os.arch" value="x86_64"/>
257
284
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
258
285
  </fingerprint>
286
+
259
287
  <!-- Various OIDs for Net-SNMP agents which are OS specific -->
288
+
260
289
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.1$">
261
290
  <description>Net-SNMP on hpux9</description>
262
291
  <example>1.3.6.1.4.1.8072.3.2.1</example>
@@ -269,6 +298,7 @@
269
298
  <param pos="0" name="service.product" value="SNMP Agent"/>
270
299
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
271
300
  </fingerprint>
301
+
272
302
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.2$">
273
303
  <description>Net-SNMP on sunos4</description>
274
304
  <example>1.3.6.1.4.1.8072.3.2.2</example>
@@ -280,6 +310,7 @@
280
310
  <param pos="0" name="service.product" value="SNMP Agent"/>
281
311
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
282
312
  </fingerprint>
313
+
283
314
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.3$">
284
315
  <description>Net-SNMP on solaris</description>
285
316
  <example>1.3.6.1.4.1.8072.3.2.3</example>
@@ -291,6 +322,7 @@
291
322
  <param pos="0" name="service.product" value="SNMP Agent"/>
292
323
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
293
324
  </fingerprint>
325
+
294
326
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.4$">
295
327
  <description>Net-SNMP on osf</description>
296
328
  <example>1.3.6.1.4.1.8072.3.2.4</example>
@@ -300,6 +332,7 @@
300
332
  <param pos="0" name="service.product" value="SNMP Agent"/>
301
333
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
302
334
  </fingerprint>
335
+
303
336
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.5$">
304
337
  <description>Net-SNMP on ultrix</description>
305
338
  <example>1.3.6.1.4.1.8072.3.2.5</example>
@@ -309,6 +342,7 @@
309
342
  <param pos="0" name="service.product" value="SNMP Agent"/>
310
343
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
311
344
  </fingerprint>
345
+
312
346
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.6$">
313
347
  <description>Net-SNMP on hpux10</description>
314
348
  <example>1.3.6.1.4.1.8072.3.2.6</example>
@@ -321,6 +355,7 @@
321
355
  <param pos="0" name="service.product" value="SNMP Agent"/>
322
356
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
323
357
  </fingerprint>
358
+
324
359
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.7$">
325
360
  <description>Net-SNMP on netbsd</description>
326
361
  <example>1.3.6.1.4.1.8072.3.2.7</example>
@@ -332,6 +367,7 @@
332
367
  <param pos="0" name="service.product" value="SNMP Agent"/>
333
368
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
334
369
  </fingerprint>
370
+
335
371
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.8$">
336
372
  <description>Net-SNMP on freebsd</description>
337
373
  <example>1.3.6.1.4.1.8072.3.2.8</example>
@@ -343,6 +379,7 @@
343
379
  <param pos="0" name="service.product" value="SNMP Agent"/>
344
380
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
345
381
  </fingerprint>
382
+
346
383
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.9$">
347
384
  <description>Net-SNMP on irix</description>
348
385
  <example>1.3.6.1.4.1.8072.3.2.9</example>
@@ -354,6 +391,7 @@
354
391
  <param pos="0" name="service.product" value="SNMP Agent"/>
355
392
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
356
393
  </fingerprint>
394
+
357
395
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.10$">
358
396
  <description>Net-SNMP on linux</description>
359
397
  <example>1.3.6.1.4.1.8072.3.2.10</example>
@@ -363,6 +401,7 @@
363
401
  <param pos="0" name="service.product" value="SNMP Agent"/>
364
402
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
365
403
  </fingerprint>
404
+
366
405
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.11$">
367
406
  <description>Net-SNMP on bsdi</description>
368
407
  <example>1.3.6.1.4.1.8072.3.2.11</example>
@@ -372,6 +411,7 @@
372
411
  <param pos="0" name="service.product" value="SNMP Agent"/>
373
412
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
374
413
  </fingerprint>
414
+
375
415
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.12$">
376
416
  <description>Net-SNMP on openbsd</description>
377
417
  <example>1.3.6.1.4.1.8072.3.2.12</example>
@@ -383,6 +423,7 @@
383
423
  <param pos="0" name="service.product" value="SNMP Agent"/>
384
424
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
385
425
  </fingerprint>
426
+
386
427
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.13$">
387
428
  <description>Net-SNMP on win32</description>
388
429
  <example>1.3.6.1.4.1.8072.3.2.13</example>
@@ -394,6 +435,7 @@
394
435
  <param pos="0" name="service.product" value="SNMP Agent"/>
395
436
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
396
437
  </fingerprint>
438
+
397
439
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.14$">
398
440
  <description>Net-SNMP on hpux11</description>
399
441
  <example>1.3.6.1.4.1.8072.3.2.14</example>
@@ -406,6 +448,7 @@
406
448
  <param pos="0" name="service.product" value="SNMP Agent"/>
407
449
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
408
450
  </fingerprint>
451
+
409
452
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.15$">
410
453
  <description>Net-SNMP on aix</description>
411
454
  <example>1.3.6.1.4.1.8072.3.2.15</example>
@@ -417,6 +460,7 @@
417
460
  <param pos="0" name="service.product" value="SNMP Agent"/>
418
461
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
419
462
  </fingerprint>
463
+
420
464
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.16$">
421
465
  <description>Net-SNMP on macosx</description>
422
466
  <example>1.3.6.1.4.1.8072.3.2.16</example>
@@ -427,4 +471,5 @@
427
471
  <param pos="0" name="service.product" value="SNMP Agent"/>
428
472
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
429
473
  </fingerprint>
430
- </fingerprints>
474
+
475
+ </fingerprints>
@@ -1,15 +1,17 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="ssh.banner" protocol="ssh" database_type="service" preference="0.90">
3
3
  <!--
4
4
  SSH "software revision and comment" strings (official RFC nomenclature for the part of
5
5
  the identification string after "SSH-x.x-") are matched against these patterns to
6
6
  fingerprint SSH servers.
7
7
  -->
8
+
8
9
  <fingerprint pattern="^ArrayOS$">
9
10
  <description>Array Networks device</description>
10
11
  <example>ArrayOS</example>
11
12
  <param pos="0" name="service.vendor" value="Array Networks"/>
12
13
  </fingerprint>
14
+
13
15
  <fingerprint pattern="^RomSShell_([\d\.]+)$">
14
16
  <description>Allegro RomSShell SSH</description>
15
17
  <example service.version="4.62">RomSShell_4.62</example>
@@ -17,11 +19,13 @@
17
19
  <param pos="0" name="service.product" value="RomSShell"/>
18
20
  <param pos="1" name="service.version"/>
19
21
  </fingerprint>
22
+
20
23
  <fingerprint pattern="(?i)^DraySSH_\S+$">
21
24
  <description>DrayTek generic</description>
22
25
  <example>DraySSH_2.0</example>
23
26
  <param pos="0" name="hw.vendor" value="DrayTek"/>
24
27
  </fingerprint>
28
+
25
29
  <fingerprint pattern="^mpSSH_([\d\.]+)$">
26
30
  <description>HP Integrated Lights Out (iLO) usually bundled with HP servers</description>
27
31
  <example service.version="0.0.1">mpSSH_0.0.1</example>
@@ -36,6 +40,7 @@
36
40
  <param pos="0" name="os.family" value="iLO"/>
37
41
  <param pos="0" name="os.device" value="Lights Out Management"/>
38
42
  </fingerprint>
43
+
39
44
  <fingerprint pattern="^Serv-U_([\d\.]+)$">
40
45
  <description>Serv-U SSH</description>
41
46
  <example service.version="7.4.0.1">Serv-U_7.4.0.1</example>
@@ -43,6 +48,7 @@
43
48
  <param pos="0" name="service.product" value="Serv-U"/>
44
49
  <param pos="1" name="service.version"/>
45
50
  </fingerprint>
51
+
46
52
  <fingerprint pattern="WS_FTP-SSH_([\d\.]+)$">
47
53
  <description>WS_FTP Server with SSH</description>
48
54
  <example service.version="6.1.1">WS_FTP-SSH_6.1.1</example>
@@ -52,6 +58,7 @@
52
58
  <param pos="1" name="service.version"/>
53
59
  <param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:ws_ftp:{service.version}"/>
54
60
  </fingerprint>
61
+
55
62
  <fingerprint pattern="IPSSH[-_]([\d\.p]+).*$">
56
63
  <description>VxWorks with version information</description>
57
64
  <example os.version="6.9.0">IPSSH-6.9.0</example>
@@ -60,7 +67,9 @@
60
67
  <param pos="1" name="os.version"/>
61
68
  <param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:{os.version}"/>
62
69
  </fingerprint>
70
+
63
71
  <!-- FreeBSD -->
72
+
64
73
  <fingerprint pattern="^OpenSSH_(2\.3\.0) (green@FreeBSD.org 20010321)$">
65
74
  <description>OpenSSH running on FreeBSD 4.3</description>
66
75
  <example service.version="2.3.0" openssh.comment="green@FreeBSD.org 20010321">OpenSSH_2.3.0 green@FreeBSD.org 20010321</example>
@@ -74,8 +83,9 @@
74
83
  <param pos="0" name="os.family" value="FreeBSD"/>
75
84
  <param pos="0" name="os.product" value="FreeBSD"/>
76
85
  <param pos="0" name="os.version" value="4.3"/>
77
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
86
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.3"/>
78
87
  </fingerprint>
88
+
79
89
  <fingerprint pattern="^OpenSSH_(2\.3\.0) (FreeBSD localisations 20010713)$">
80
90
  <description>OpenSSH running on FreeBSD 4.4</description>
81
91
  <example service.version="2.3.0" openssh.comment="FreeBSD localisations 20010713">OpenSSH_2.3.0 FreeBSD localisations 20010713</example>
@@ -89,8 +99,9 @@
89
99
  <param pos="0" name="os.family" value="FreeBSD"/>
90
100
  <param pos="0" name="os.product" value="FreeBSD"/>
91
101
  <param pos="0" name="os.version" value="4.4"/>
92
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
102
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.4"/>
93
103
  </fingerprint>
104
+
94
105
  <fingerprint pattern="^OpenSSH_(2\.9) (FreeBSD localisations 20011202)$">
95
106
  <description>OpenSSH running on FreeBSD 4.5</description>
96
107
  <example service.version="2.9" openssh.comment="FreeBSD localisations 20011202">OpenSSH_2.9 FreeBSD localisations 20011202</example>
@@ -104,8 +115,9 @@
104
115
  <param pos="0" name="os.family" value="FreeBSD"/>
105
116
  <param pos="0" name="os.product" value="FreeBSD"/>
106
117
  <param pos="0" name="os.version" value="4.5"/>
107
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
118
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.5"/>
108
119
  </fingerprint>
120
+
109
121
  <fingerprint pattern="^OpenSSH_(3\.4p1) (FreeBSD 20020702)$">
110
122
  <description>OpenSSH running on FreeBSD 4.6.2</description>
111
123
  <example service.version="3.4p1" openssh.comment="FreeBSD 20020702">OpenSSH_3.4p1 FreeBSD 20020702</example>
@@ -119,8 +131,9 @@
119
131
  <param pos="0" name="os.family" value="FreeBSD"/>
120
132
  <param pos="0" name="os.product" value="FreeBSD"/>
121
133
  <param pos="0" name="os.version" value="4.6.2"/>
122
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
134
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.6.2"/>
123
135
  </fingerprint>
136
+
124
137
  <fingerprint pattern="^OpenSSH_(2\.9) (FreeBSD localisations 20020307)$">
125
138
  <description>OpenSSH running on FreeBSD 4.6</description>
126
139
  <example service.version="2.9" openssh.comment="FreeBSD localisations 20020307">OpenSSH_2.9 FreeBSD localisations 20020307</example>
@@ -134,8 +147,9 @@
134
147
  <param pos="0" name="os.family" value="FreeBSD"/>
135
148
  <param pos="0" name="os.product" value="FreeBSD"/>
136
149
  <param pos="0" name="os.version" value="4.6"/>
137
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
150
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.6"/>
138
151
  </fingerprint>
152
+
139
153
  <fingerprint pattern="^OpenSSH_(3\.4p1) (FreeBSD-20020702)$">
140
154
  <description>OpenSSH running on FreeBSD 4.7</description>
141
155
  <example service.version="3.4p1" openssh.comment="FreeBSD-20020702">OpenSSH_3.4p1 FreeBSD-20020702</example>
@@ -149,8 +163,9 @@
149
163
  <param pos="0" name="os.family" value="FreeBSD"/>
150
164
  <param pos="0" name="os.product" value="FreeBSD"/>
151
165
  <param pos="0" name="os.version" value="4.7"/>
152
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
166
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.7"/>
153
167
  </fingerprint>
168
+
154
169
  <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20030201)$">
155
170
  <description>OpenSSH running on FreeBSD 4.8</description>
156
171
  <example service.version="3.5p1" openssh.comment="FreeBSD-20030201">OpenSSH_3.5p1 FreeBSD-20030201</example>
@@ -164,9 +179,11 @@
164
179
  <param pos="0" name="os.family" value="FreeBSD"/>
165
180
  <param pos="0" name="os.product" value="FreeBSD"/>
166
181
  <param pos="0" name="os.version" value="4.8"/>
167
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
182
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.8"/>
168
183
  </fingerprint>
184
+
169
185
  <!-- Multiple minor version match, assert the oldest version -->
186
+
170
187
  <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20030924)$">
171
188
  <description>OpenSSH running on FreeBSD 4.9/4.10 (sometimes 4.11)</description>
172
189
  <example service.version="3.5p1" openssh.comment="FreeBSD-20030924">OpenSSH_3.5p1 FreeBSD-20030924</example>
@@ -180,8 +197,9 @@
180
197
  <param pos="0" name="os.family" value="FreeBSD"/>
181
198
  <param pos="0" name="os.product" value="FreeBSD"/>
182
199
  <param pos="0" name="os.version" value="4.9"/>
183
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
200
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.9"/>
184
201
  </fingerprint>
202
+
185
203
  <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20060930)$">
186
204
  <description>OpenSSH running on FreeBSD 4.11</description>
187
205
  <example service.version="3.5p1" openssh.comment="FreeBSD-20060930">OpenSSH_3.5p1 FreeBSD-20060930</example>
@@ -195,8 +213,9 @@
195
213
  <param pos="0" name="os.family" value="FreeBSD"/>
196
214
  <param pos="0" name="os.product" value="FreeBSD"/>
197
215
  <param pos="0" name="os.version" value="4.11"/>
198
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
216
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.11"/>
199
217
  </fingerprint>
218
+
200
219
  <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20021029)$">
201
220
  <description>OpenSSH running on FreeBSD 5.0</description>
202
221
  <example service.version="3.5p1" openssh.comment="FreeBSD-20021029">OpenSSH_3.5p1 FreeBSD-20021029</example>
@@ -210,8 +229,9 @@
210
229
  <param pos="0" name="os.family" value="FreeBSD"/>
211
230
  <param pos="0" name="os.product" value="FreeBSD"/>
212
231
  <param pos="0" name="os.version" value="5.0"/>
213
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
232
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.0"/>
214
233
  </fingerprint>
234
+
215
235
  <fingerprint pattern="^OpenSSH_(3\.6\.1p1) (FreeBSD-20030423)$">
216
236
  <description>OpenSSH running on FreeBSD 5.1</description>
217
237
  <example service.version="3.6.1p1" openssh.comment="FreeBSD-20030423">OpenSSH_3.6.1p1 FreeBSD-20030423</example>
@@ -225,8 +245,9 @@
225
245
  <param pos="0" name="os.family" value="FreeBSD"/>
226
246
  <param pos="0" name="os.product" value="FreeBSD"/>
227
247
  <param pos="0" name="os.version" value="5.1"/>
228
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
248
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.1"/>
229
249
  </fingerprint>
250
+
230
251
  <fingerprint pattern="^OpenSSH_(3\.6\.1p1) (FreeBSD-20030924)$">
231
252
  <description>OpenSSH running on FreeBSD 5.2</description>
232
253
  <example service.version="3.6.1p1" openssh.comment="FreeBSD-20030924">OpenSSH_3.6.1p1 FreeBSD-20030924</example>
@@ -240,9 +261,11 @@
240
261
  <param pos="0" name="os.family" value="FreeBSD"/>
241
262
  <param pos="0" name="os.product" value="FreeBSD"/>
242
263
  <param pos="0" name="os.version" value="5.2"/>
243
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
264
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.2"/>
244
265
  </fingerprint>
266
+
245
267
  <!-- Multiple minor version match, assert the oldest version -->
268
+
246
269
  <fingerprint pattern="^OpenSSH_(3\.8\.1p1) (FreeBSD-20040419)$">
247
270
  <description>OpenSSH running on FreeBSD 5.3/5.4</description>
248
271
  <example service.version="3.8.1p1" openssh.comment="FreeBSD-20040419">OpenSSH_3.8.1p1 FreeBSD-20040419</example>
@@ -256,8 +279,9 @@
256
279
  <param pos="0" name="os.family" value="FreeBSD"/>
257
280
  <param pos="0" name="os.product" value="FreeBSD"/>
258
281
  <param pos="0" name="os.version" value="5.3"/>
259
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
282
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.3"/>
260
283
  </fingerprint>
284
+
261
285
  <fingerprint pattern="^OpenSSH_(3\.8\.1p1) (FreeBSD-20060123)$">
262
286
  <description>OpenSSH running on FreeBSD 5.5</description>
263
287
  <example service.version="3.8.1p1" openssh.comment="FreeBSD-20060123">OpenSSH_3.8.1p1 FreeBSD-20060123</example>
@@ -271,9 +295,11 @@
271
295
  <param pos="0" name="os.family" value="FreeBSD"/>
272
296
  <param pos="0" name="os.product" value="FreeBSD"/>
273
297
  <param pos="0" name="os.version" value="5.5"/>
274
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
298
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.5"/>
275
299
  </fingerprint>
300
+
276
301
  <!-- Multiple minor version match, assert the oldest version -->
302
+
277
303
  <fingerprint pattern="^OpenSSH_(4\.2p1) (FreeBSD-20050903)$">
278
304
  <description>OpenSSH running on FreeBSD 6.0/6.1</description>
279
305
  <example service.version="4.2p1" openssh.comment="FreeBSD-20050903">OpenSSH_4.2p1 FreeBSD-20050903</example>
@@ -287,9 +313,11 @@
287
313
  <param pos="0" name="os.family" value="FreeBSD"/>
288
314
  <param pos="0" name="os.product" value="FreeBSD"/>
289
315
  <param pos="0" name="os.version" value="6.0"/>
290
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
316
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:6.0"/>
291
317
  </fingerprint>
318
+
292
319
  <!-- Spans major versions, do not assert a version number -->
320
+
293
321
  <fingerprint pattern="^OpenSSH_(4\.5p1) (FreeBSD-20061110)$">
294
322
  <description>OpenSSH running on FreeBSD 6.2/6.3/6.4/7.0</description>
295
323
  <example service.version="4.5p1" openssh.comment="FreeBSD-20061110">OpenSSH_4.5p1 FreeBSD-20061110</example>
@@ -304,7 +332,9 @@
304
332
  <param pos="0" name="os.product" value="FreeBSD"/>
305
333
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
306
334
  </fingerprint>
335
+
307
336
  <!-- Multiple minor version match, assert the oldest version -->
337
+
308
338
  <fingerprint pattern="^OpenSSH_(5\.1p1) (FreeBSD-20080901)$">
309
339
  <description>OpenSSH running on FreeBSD 7.1/7.2/7.3/7.4</description>
310
340
  <example service.version="5.1p1" openssh.comment="FreeBSD-20080901">OpenSSH_5.1p1 FreeBSD-20080901</example>
@@ -318,8 +348,9 @@
318
348
  <param pos="0" name="os.family" value="FreeBSD"/>
319
349
  <param pos="0" name="os.product" value="FreeBSD"/>
320
350
  <param pos="0" name="os.version" value="7.1"/>
321
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
351
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:7.1"/>
322
352
  </fingerprint>
353
+
323
354
  <fingerprint pattern="^OpenSSH_(5\.2p1) (FreeBSD-20090522)$">
324
355
  <description>OpenSSH running on FreeBSD 8.0</description>
325
356
  <example service.version="5.2p1" openssh.comment="FreeBSD-20090522">OpenSSH_5.2p1 FreeBSD-20090522</example>
@@ -333,9 +364,11 @@
333
364
  <param pos="0" name="os.family" value="FreeBSD"/>
334
365
  <param pos="0" name="os.product" value="FreeBSD"/>
335
366
  <param pos="0" name="os.version" value="8.0"/>
336
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
367
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.0"/>
337
368
  </fingerprint>
369
+
338
370
  <!-- Multiple minor version match, assert the oldest version -->
371
+
339
372
  <fingerprint pattern="^OpenSSH_(5\.4p1) (FreeBSD-20100308)$">
340
373
  <description>OpenSSH running on FreeBSD 8.1/8.2</description>
341
374
  <example service.version="5.4p1" openssh.comment="FreeBSD-20100308">OpenSSH_5.4p1 FreeBSD-20100308</example>
@@ -349,8 +382,9 @@
349
382
  <param pos="0" name="os.family" value="FreeBSD"/>
350
383
  <param pos="0" name="os.product" value="FreeBSD"/>
351
384
  <param pos="0" name="os.version" value="8.1"/>
352
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
385
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.1"/>
353
386
  </fingerprint>
387
+
354
388
  <fingerprint pattern="^OpenSSH_(5\.4p1_hpn13v11) (FreeBSD-20100308)$">
355
389
  <description>OpenSSH running on FreeBSD 8.3</description>
356
390
  <example service.version="5.4p1_hpn13v11" openssh.comment="FreeBSD-20100308">OpenSSH_5.4p1_hpn13v11 FreeBSD-20100308</example>
@@ -364,8 +398,9 @@
364
398
  <param pos="0" name="os.family" value="FreeBSD"/>
365
399
  <param pos="0" name="os.product" value="FreeBSD"/>
366
400
  <param pos="0" name="os.version" value="8.3"/>
367
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
401
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.3"/>
368
402
  </fingerprint>
403
+
369
404
  <fingerprint pattern="^OpenSSH_(6\.1_hpn13v11) (FreeBSD-20120901)$">
370
405
  <description>OpenSSH running on FreeBSD 8.4</description>
371
406
  <example service.version="6.1_hpn13v11" openssh.comment="FreeBSD-20120901">OpenSSH_6.1_hpn13v11 FreeBSD-20120901</example>
@@ -379,9 +414,11 @@
379
414
  <param pos="0" name="os.family" value="FreeBSD"/>
380
415
  <param pos="0" name="os.product" value="FreeBSD"/>
381
416
  <param pos="0" name="os.version" value="8.4"/>
382
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
417
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.4"/>
383
418
  </fingerprint>
419
+
384
420
  <!-- Multiple minor version match, assert the oldest version -->
421
+
385
422
  <fingerprint pattern="^OpenSSH_(5\.8p2_hpn13v11) (FreeBSD-20110503)$">
386
423
  <description>OpenSSH running on FreeBSD 9.0/9.1</description>
387
424
  <example service.version="5.8p2_hpn13v11" openssh.comment="FreeBSD-20110503">OpenSSH_5.8p2_hpn13v11 FreeBSD-20110503</example>
@@ -395,8 +432,9 @@
395
432
  <param pos="0" name="os.family" value="FreeBSD"/>
396
433
  <param pos="0" name="os.product" value="FreeBSD"/>
397
434
  <param pos="0" name="os.version" value="9.0"/>
398
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
435
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:9.0"/>
399
436
  </fingerprint>
437
+
400
438
  <fingerprint pattern="^OpenSSH_(6\.2_hpn13v11) (FreeBSD-20130515)$">
401
439
  <description>OpenSSH running on FreeBSD 9.2</description>
402
440
  <example service.version="6.2_hpn13v11" openssh.comment="FreeBSD-20130515">OpenSSH_6.2_hpn13v11 FreeBSD-20130515</example>
@@ -410,9 +448,11 @@
410
448
  <param pos="0" name="os.family" value="FreeBSD"/>
411
449
  <param pos="0" name="os.product" value="FreeBSD"/>
412
450
  <param pos="0" name="os.version" value="9.2"/>
413
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
451
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:9.2"/>
414
452
  </fingerprint>
453
+
415
454
  <!-- Spans major versions, do not assert a version number -->
455
+
416
456
  <fingerprint pattern="^OpenSSH_(6\.6\.1_hpn13v11) (FreeBSD-20140420)$">
417
457
  <description>OpenSSH running on FreeBSD 9.3/10.1/10.2</description>
418
458
  <example service.version="6.6.1_hpn13v11" openssh.comment="FreeBSD-20140420">OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420</example>
@@ -427,6 +467,7 @@
427
467
  <param pos="0" name="os.product" value="FreeBSD"/>
428
468
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
429
469
  </fingerprint>
470
+
430
471
  <fingerprint pattern="^OpenSSH_(6\.4_hpn13v11) (FreeBSD-20131111)$">
431
472
  <description>OpenSSH running on FreeBSD 10.0</description>
432
473
  <example service.version="6.4_hpn13v11" openssh.comment="FreeBSD-20131111">OpenSSH_6.4_hpn13v11 FreeBSD-20131111</example>
@@ -440,9 +481,11 @@
440
481
  <param pos="0" name="os.family" value="FreeBSD"/>
441
482
  <param pos="0" name="os.product" value="FreeBSD"/>
442
483
  <param pos="0" name="os.version" value="10.0"/>
443
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
484
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:10.0"/>
444
485
  </fingerprint>
486
+
445
487
  <!-- Spans major versions, do not assert a version number -->
488
+
446
489
  <fingerprint pattern="^OpenSSH_(7\.2) (FreeBSD-20160310)$">
447
490
  <description>OpenSSH running on FreeBSD 10.3/11.0</description>
448
491
  <example service.version="7.2" openssh.comment="FreeBSD-20160310">OpenSSH_7.2 FreeBSD-20160310</example>
@@ -457,6 +500,7 @@
457
500
  <param pos="0" name="os.product" value="FreeBSD"/>
458
501
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
459
502
  </fingerprint>
503
+
460
504
  <fingerprint pattern="^OpenSSH_(7\.3) (FreeBSD-20170902)$">
461
505
  <description>OpenSSH running on FreeBSD 10.4</description>
462
506
  <example service.version="7.3" openssh.comment="FreeBSD-20170902">OpenSSH_7.3 FreeBSD-20170902</example>
@@ -470,8 +514,9 @@
470
514
  <param pos="0" name="os.family" value="FreeBSD"/>
471
515
  <param pos="0" name="os.product" value="FreeBSD"/>
472
516
  <param pos="0" name="os.version" value="10.4"/>
473
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
517
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:10.4"/>
474
518
  </fingerprint>
519
+
475
520
  <fingerprint pattern="^OpenSSH_(7\.2) (FreeBSD-20161230)$">
476
521
  <description>OpenSSH running on FreeBSD 11.1</description>
477
522
  <example service.version="7.2" openssh.comment="FreeBSD-20161230">OpenSSH_7.2 FreeBSD-20161230</example>
@@ -485,9 +530,11 @@
485
530
  <param pos="0" name="os.family" value="FreeBSD"/>
486
531
  <param pos="0" name="os.product" value="FreeBSD"/>
487
532
  <param pos="0" name="os.version" value="11.1"/>
488
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
533
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:11.1"/>
489
534
  </fingerprint>
535
+
490
536
  <!-- Multiple minor version match, assert the oldest version -->
537
+
491
538
  <fingerprint pattern="^OpenSSH_(7\.5) (FreeBSD-20170903)$">
492
539
  <description>OpenSSH running on FreeBSD 11.2/11.3</description>
493
540
  <example service.version="7.5" openssh.comment="FreeBSD-20170903">OpenSSH_7.5 FreeBSD-20170903</example>
@@ -501,8 +548,9 @@
501
548
  <param pos="0" name="os.family" value="FreeBSD"/>
502
549
  <param pos="0" name="os.product" value="FreeBSD"/>
503
550
  <param pos="0" name="os.version" value="11.2"/>
504
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
551
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:11.2"/>
505
552
  </fingerprint>
553
+
506
554
  <fingerprint pattern="^OpenSSH_(7\.8) (FreeBSD-20180909)$">
507
555
  <description>OpenSSH running on FreeBSD 12.0</description>
508
556
  <example service.version="7.8" openssh.comment="FreeBSD-20180909">OpenSSH_7.8 FreeBSD-20180909</example>
@@ -516,8 +564,9 @@
516
564
  <param pos="0" name="os.family" value="FreeBSD"/>
517
565
  <param pos="0" name="os.product" value="FreeBSD"/>
518
566
  <param pos="0" name="os.version" value="12.0"/>
519
- <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
567
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:12.0"/>
520
568
  </fingerprint>
569
+
521
570
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(FreeBSD[ -].*)$">
522
571
  <description>OpenSSH running on FreeBSD</description>
523
572
  <example service.version="7.2" openssh.comment="FreeBSD-20160311">OpenSSH_7.2 FreeBSD-20160311</example>
@@ -532,7 +581,9 @@
532
581
  <param pos="0" name="os.product" value="FreeBSD"/>
533
582
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
534
583
  </fingerprint>
584
+
535
585
  <!-- NetBSD -->
586
+
536
587
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(NetBSD(?:_Secure_Shell)?[ -].*)$">
537
588
  <description>OpenSSH running on NetBSD</description>
538
589
  <example service.version="7.2" openssh.comment="NetBSD-20100308">OpenSSH_7.2 NetBSD-20100308</example>
@@ -548,7 +599,9 @@
548
599
  <param pos="0" name="os.product" value="NetBSD"/>
549
600
  <param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:-"/>
550
601
  </fingerprint>
602
+
551
603
  <!-- Ubuntu -->
604
+
552
605
  <fingerprint pattern="^OpenSSH_(3\.8\.1p1) (Debian-11ubuntu\d+(?:\.\d+)?)$">
553
606
  <description>OpenSSH running on Ubuntu 4.10</description>
554
607
  <example service.version="3.8.1p1" openssh.comment="Debian-11ubuntu3">OpenSSH_3.8.1p1 Debian-11ubuntu3</example>
@@ -562,8 +615,9 @@
562
615
  <param pos="0" name="os.family" value="Linux"/>
563
616
  <param pos="0" name="os.product" value="Linux"/>
564
617
  <param pos="0" name="os.version" value="4.10"/>
565
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
618
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:4.10"/>
566
619
  </fingerprint>
620
+
567
621
  <fingerprint pattern="^OpenSSH_(3\.9p1) (Debian-1ubuntu\d+(?:\.\d+)?)$">
568
622
  <description>OpenSSH running on Ubuntu 5.04</description>
569
623
  <example service.version="3.9p1" openssh.comment="Debian-1ubuntu2">OpenSSH_3.9p1 Debian-1ubuntu2</example>
@@ -577,8 +631,9 @@
577
631
  <param pos="0" name="os.family" value="Linux"/>
578
632
  <param pos="0" name="os.product" value="Linux"/>
579
633
  <param pos="0" name="os.version" value="5.04"/>
580
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
634
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:5.04"/>
581
635
  </fingerprint>
636
+
582
637
  <fingerprint pattern="^OpenSSH_(4\.1p1) (Debian-7ubuntu\d+(?:\.\d+)?)$">
583
638
  <description>OpenSSH running on Ubuntu 5.10</description>
584
639
  <example service.version="4.1p1" openssh.comment="Debian-7ubuntu4">OpenSSH_4.1p1 Debian-7ubuntu4</example>
@@ -592,8 +647,9 @@
592
647
  <param pos="0" name="os.family" value="Linux"/>
593
648
  <param pos="0" name="os.product" value="Linux"/>
594
649
  <param pos="0" name="os.version" value="5.10"/>
595
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
650
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:5.10"/>
596
651
  </fingerprint>
652
+
597
653
  <fingerprint pattern="^OpenSSH_(4\.2p1) (Debian-7ubuntu\d+(?:\.\d+)?)$">
598
654
  <description>OpenSSH running on Ubuntu 6.04</description>
599
655
  <example service.version="4.2p1" openssh.comment="Debian-7ubuntu3.1">OpenSSH_4.2p1 Debian-7ubuntu3.1</example>
@@ -608,8 +664,9 @@
608
664
  <param pos="0" name="os.family" value="Linux"/>
609
665
  <param pos="0" name="os.product" value="Linux"/>
610
666
  <param pos="0" name="os.version" value="6.04"/>
611
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
667
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:6.04"/>
612
668
  </fingerprint>
669
+
613
670
  <fingerprint pattern="^OpenSSH_(4\.3p2) (Debian-8ubuntu\d+(?:\.\d+)?)$">
614
671
  <description>OpenSSH running on Ubuntu 7.04</description>
615
672
  <example service.version="4.3p2" openssh.comment="Debian-8ubuntu1.4">OpenSSH_4.3p2 Debian-8ubuntu1.4</example>
@@ -623,8 +680,9 @@
623
680
  <param pos="0" name="os.family" value="Linux"/>
624
681
  <param pos="0" name="os.product" value="Linux"/>
625
682
  <param pos="0" name="os.version" value="7.04"/>
626
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
683
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:7.04"/>
627
684
  </fingerprint>
685
+
628
686
  <fingerprint pattern="^OpenSSH_(4\.6p1) (Debian-5ubuntu\d+(?:\.\d+)?)$">
629
687
  <description>OpenSSH running on Ubuntu 7.10</description>
630
688
  <example service.version="4.6p1" openssh.comment="Debian-5ubuntu0.2">OpenSSH_4.6p1 Debian-5ubuntu0.2</example>
@@ -641,8 +699,9 @@
641
699
  <param pos="0" name="os.family" value="Linux"/>
642
700
  <param pos="0" name="os.product" value="Linux"/>
643
701
  <param pos="0" name="os.version" value="7.10"/>
644
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
702
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:7.10"/>
645
703
  </fingerprint>
704
+
646
705
  <fingerprint pattern="^OpenSSH_(4\.7p1) (Debian-8ubuntu\d+(?:\.\d+)?)$">
647
706
  <description>OpenSSH running on Ubuntu 8.04</description>
648
707
  <example service.version="4.7p1" openssh.comment="Debian-8ubuntu1.2">OpenSSH_4.7p1 Debian-8ubuntu1.2</example>
@@ -657,8 +716,9 @@
657
716
  <param pos="0" name="os.family" value="Linux"/>
658
717
  <param pos="0" name="os.product" value="Linux"/>
659
718
  <param pos="0" name="os.version" value="8.04"/>
660
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
719
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:8.04"/>
661
720
  </fingerprint>
721
+
662
722
  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-3ubuntu\d+(?:\.\d+)?)$">
663
723
  <description>OpenSSH running on Ubuntu 8.10</description>
664
724
  <example service.version="5.1p1" openssh.comment="Debian-3ubuntu1">OpenSSH_5.1p1 Debian-3ubuntu1</example>
@@ -672,8 +732,9 @@
672
732
  <param pos="0" name="os.family" value="Linux"/>
673
733
  <param pos="0" name="os.product" value="Linux"/>
674
734
  <param pos="0" name="os.version" value="8.10"/>
675
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
735
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:8.10"/>
676
736
  </fingerprint>
737
+
677
738
  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-5ubuntu\d+(?:\.\d+)?)$">
678
739
  <description>OpenSSH running on Ubuntu 9.04</description>
679
740
  <example service.version="5.1p1" openssh.comment="Debian-5ubuntu1">OpenSSH_5.1p1 Debian-5ubuntu1</example>
@@ -687,8 +748,9 @@
687
748
  <param pos="0" name="os.family" value="Linux"/>
688
749
  <param pos="0" name="os.product" value="Linux"/>
689
750
  <param pos="0" name="os.version" value="9.04"/>
690
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
751
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:9.04"/>
691
752
  </fingerprint>
753
+
692
754
  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-6ubuntu\d+(?:\.\d+)?)$">
693
755
  <description>OpenSSH running on Ubuntu 9.10</description>
694
756
  <example service.version="5.1p1" openssh.comment="Debian-6ubuntu2">OpenSSH_5.1p1 Debian-6ubuntu2</example>
@@ -702,8 +764,9 @@
702
764
  <param pos="0" name="os.family" value="Linux"/>
703
765
  <param pos="0" name="os.product" value="Linux"/>
704
766
  <param pos="0" name="os.version" value="9.10"/>
705
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
767
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:9.10"/>
706
768
  </fingerprint>
769
+
707
770
  <fingerprint pattern="^OpenSSH_(5\.3p1) (Debian-3ubuntu\d+(?:\.\d+)?)$">
708
771
  <description>OpenSSH running on Ubuntu 10.04 (lucid)</description>
709
772
  <example service.version="5.3p1" openssh.comment="Debian-3ubuntu3">OpenSSH_5.3p1 Debian-3ubuntu3</example>
@@ -722,8 +785,9 @@
722
785
  <param pos="0" name="os.family" value="Linux"/>
723
786
  <param pos="0" name="os.product" value="Linux"/>
724
787
  <param pos="0" name="os.version" value="10.04"/>
725
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
788
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.04"/>
726
789
  </fingerprint>
790
+
727
791
  <fingerprint pattern="^OpenSSH_(5\.5p1) (Debian-4ubuntu\d+(?:\.\d+)?)$">
728
792
  <description>OpenSSH running on Ubuntu 10.10</description>
729
793
  <example service.version="5.5p1" openssh.comment="Debian-4ubuntu4">OpenSSH_5.5p1 Debian-4ubuntu4</example>
@@ -739,8 +803,9 @@
739
803
  <param pos="0" name="os.family" value="Linux"/>
740
804
  <param pos="0" name="os.product" value="Linux"/>
741
805
  <param pos="0" name="os.version" value="10.10"/>
742
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
806
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.10"/>
743
807
  </fingerprint>
808
+
744
809
  <fingerprint pattern="^OpenSSH_(5\.8p1) (Debian-1ubuntu\d(?:\.\d)?)$">
745
810
  <description>OpenSSH running on Ubuntu 11.04</description>
746
811
  <example service.version="5.8p1" openssh.comment="Debian-1ubuntu3">OpenSSH_5.8p1 Debian-1ubuntu3</example>
@@ -754,8 +819,9 @@
754
819
  <param pos="0" name="os.family" value="Linux"/>
755
820
  <param pos="0" name="os.product" value="Linux"/>
756
821
  <param pos="0" name="os.version" value="11.04"/>
757
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
822
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:11.04"/>
758
823
  </fingerprint>
824
+
759
825
  <fingerprint pattern="^OpenSSH_(5\.8p1) (Debian-7ubuntu\d(?:\.\d)?)$">
760
826
  <description>OpenSSH running on Ubuntu 11.10</description>
761
827
  <example service.version="5.8p1" openssh.comment="Debian-7ubuntu1">OpenSSH_5.8p1 Debian-7ubuntu1</example>
@@ -769,8 +835,9 @@
769
835
  <param pos="0" name="os.family" value="Linux"/>
770
836
  <param pos="0" name="os.product" value="Linux"/>
771
837
  <param pos="0" name="os.version" value="11.10"/>
772
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
838
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:11.10"/>
773
839
  </fingerprint>
840
+
774
841
  <fingerprint pattern="^OpenSSH_(5\.9p1) (Debian-5ubuntu\d(?:\.\d)?)$">
775
842
  <description>OpenSSH running on Ubuntu 12.04</description>
776
843
  <example service.version="5.9p1" openssh.comment="Debian-5ubuntu1">OpenSSH_5.9p1 Debian-5ubuntu1</example>
@@ -785,8 +852,9 @@
785
852
  <param pos="0" name="os.family" value="Linux"/>
786
853
  <param pos="0" name="os.product" value="Linux"/>
787
854
  <param pos="0" name="os.version" value="12.04"/>
788
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
855
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:12.04"/>
789
856
  </fingerprint>
857
+
790
858
  <fingerprint pattern="^OpenSSH_(6\.0p1) (Debian-3ubuntu\d(?:\.\d)?)$">
791
859
  <description>OpenSSH running on Ubuntu 12.10</description>
792
860
  <example service.version="6.0p1" openssh.comment="Debian-3ubuntu1">OpenSSH_6.0p1 Debian-3ubuntu1</example>
@@ -801,8 +869,9 @@
801
869
  <param pos="0" name="os.family" value="Linux"/>
802
870
  <param pos="0" name="os.product" value="Linux"/>
803
871
  <param pos="0" name="os.version" value="12.10"/>
804
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
872
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:12.10"/>
805
873
  </fingerprint>
874
+
806
875
  <fingerprint pattern="^OpenSSH_(6\.1p1) (Debian-4)$">
807
876
  <description>OpenSSH running on Ubuntu 13.04</description>
808
877
  <example service.version="6.1p1" openssh.comment="Debian-4">OpenSSH_6.1p1 Debian-4</example>
@@ -816,8 +885,9 @@
816
885
  <param pos="0" name="os.family" value="Linux"/>
817
886
  <param pos="0" name="os.product" value="Linux"/>
818
887
  <param pos="0" name="os.version" value="13.04"/>
819
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
888
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:13.04"/>
820
889
  </fingerprint>
890
+
821
891
  <fingerprint pattern="^OpenSSH_(6\.2p2) (Ubuntu-6unbuntu\d(?:\.\d)?)$">
822
892
  <description>OpenSSH running on Ubuntu 13.10</description>
823
893
  <example service.version="6.2p2" openssh.comment="Ubuntu-6unbuntu0.4">OpenSSH_6.2p2 Ubuntu-6unbuntu0.4</example>
@@ -831,8 +901,9 @@
831
901
  <param pos="0" name="os.family" value="Linux"/>
832
902
  <param pos="0" name="os.product" value="Linux"/>
833
903
  <param pos="0" name="os.version" value="13.10"/>
834
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
904
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:13.10"/>
835
905
  </fingerprint>
906
+
836
907
  <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?)[_|-](hpn\d+v\d+)$">
837
908
  <description>OpenSSH with HPN patches</description>
838
909
  <example service.version="6.1" openssh.comment="hpn13v11">OpenSSH_6.1_hpn13v11</example>
@@ -845,6 +916,7 @@
845
916
  <param pos="0" name="service.product" value="OpenSSH"/>
846
917
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
847
918
  </fingerprint>
919
+
848
920
  <fingerprint pattern="^OpenSSH_(6\.6(?:\.\d)?p1) (Ubuntu-2ubuntu\d+(?:\.\d+)?)$">
849
921
  <description>OpenSSH running on Ubuntu 14.04</description>
850
922
  <example service.version="6.6p1" openssh.comment="Ubuntu-2ubuntu1">OpenSSH_6.6p1 Ubuntu-2ubuntu1</example>
@@ -859,8 +931,9 @@
859
931
  <param pos="0" name="os.family" value="Linux"/>
860
932
  <param pos="0" name="os.product" value="Linux"/>
861
933
  <param pos="0" name="os.version" value="14.04"/>
862
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
934
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:14.04"/>
863
935
  </fingerprint>
936
+
864
937
  <fingerprint pattern="^OpenSSH_(6\.6\.1p1) (Ubuntu-8)$">
865
938
  <description>OpenSSH running on Ubuntu 14.10</description>
866
939
  <example service.version="6.6.1p1" openssh.comment="Ubuntu-8">OpenSSH_6.6.1p1 Ubuntu-8</example>
@@ -874,8 +947,9 @@
874
947
  <param pos="0" name="os.family" value="Linux"/>
875
948
  <param pos="0" name="os.product" value="Linux"/>
876
949
  <param pos="0" name="os.version" value="14.10"/>
877
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
950
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:14.10"/>
878
951
  </fingerprint>
952
+
879
953
  <fingerprint pattern="^OpenSSH_(6\.7p1) (Ubuntu-5ubuntu\d(?:\.\d)?)$">
880
954
  <description>OpenSSH running on Ubuntu 15.04 (vivid)</description>
881
955
  <example service.version="6.7p1" openssh.comment="Ubuntu-5ubuntu1">OpenSSH_6.7p1 Ubuntu-5ubuntu1</example>
@@ -889,8 +963,9 @@
889
963
  <param pos="0" name="os.family" value="Linux"/>
890
964
  <param pos="0" name="os.product" value="Linux"/>
891
965
  <param pos="0" name="os.version" value="15.04"/>
892
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
966
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.04"/>
893
967
  </fingerprint>
968
+
894
969
  <fingerprint pattern="^OpenSSH_(6\.9p1) (Ubuntu-2)$">
895
970
  <description>OpenSSH running on Ubuntu 15.10</description>
896
971
  <example service.version="6.9p1" openssh.comment="Ubuntu-2">OpenSSH_6.9p1 Ubuntu-2</example>
@@ -904,8 +979,9 @@
904
979
  <param pos="0" name="os.family" value="Linux"/>
905
980
  <param pos="0" name="os.product" value="Linux"/>
906
981
  <param pos="0" name="os.version" value="15.10"/>
907
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
982
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.10"/>
908
983
  </fingerprint>
984
+
909
985
  <fingerprint pattern="^OpenSSH_(7\.2p2) (Ubuntu-4ubuntu\d(?:\.\d)?)$">
910
986
  <description>OpenSSH running on Ubuntu 16.04 (vivid)</description>
911
987
  <example service.version="7.2p2" openssh.comment="Ubuntu-4ubuntu2.7">OpenSSH_7.2p2 Ubuntu-4ubuntu2.7</example>
@@ -919,8 +995,9 @@
919
995
  <param pos="0" name="os.family" value="Linux"/>
920
996
  <param pos="0" name="os.product" value="Linux"/>
921
997
  <param pos="0" name="os.version" value="16.04"/>
922
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
998
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:16.04"/>
923
999
  </fingerprint>
1000
+
924
1001
  <fingerprint pattern="^OpenSSH_(7\.3p1) (Ubuntu-1)$">
925
1002
  <description>OpenSSH running on Ubuntu 16.10</description>
926
1003
  <example service.version="7.3p1" openssh.comment="Ubuntu-1">OpenSSH_7.3p1 Ubuntu-1</example>
@@ -934,8 +1011,9 @@
934
1011
  <param pos="0" name="os.family" value="Linux"/>
935
1012
  <param pos="0" name="os.product" value="Linux"/>
936
1013
  <param pos="0" name="os.version" value="16.10"/>
937
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
1014
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:16.10"/>
938
1015
  </fingerprint>
1016
+
939
1017
  <fingerprint pattern="^OpenSSH_(7\.4p1) (Ubuntu-10)$">
940
1018
  <description>OpenSSH running on Ubuntu 17.04</description>
941
1019
  <example service.version="7.4p1" openssh.comment="Ubuntu-10">OpenSSH_7.4p1 Ubuntu-10</example>
@@ -949,8 +1027,9 @@
949
1027
  <param pos="0" name="os.family" value="Linux"/>
950
1028
  <param pos="0" name="os.product" value="Linux"/>
951
1029
  <param pos="0" name="os.version" value="17.04"/>
952
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
1030
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.04"/>
953
1031
  </fingerprint>
1032
+
954
1033
  <fingerprint pattern="^OpenSSH_(7\.5p1) (Ubuntu-10ubuntu\d(?:\.\d)?)$">
955
1034
  <description>OpenSSH running on Ubuntu 17.10</description>
956
1035
  <example service.version="7.5p1" openssh.comment="Ubuntu-10ubuntu0.1">OpenSSH_7.5p1 Ubuntu-10ubuntu0.1</example>
@@ -964,8 +1043,9 @@
964
1043
  <param pos="0" name="os.family" value="Linux"/>
965
1044
  <param pos="0" name="os.product" value="Linux"/>
966
1045
  <param pos="0" name="os.version" value="17.10"/>
967
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
1046
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.10"/>
968
1047
  </fingerprint>
1048
+
969
1049
  <fingerprint pattern="^OpenSSH_(7\.6p1) (Ubuntu-4ubuntu\d(?:\.\d)?)$">
970
1050
  <description>OpenSSH running on Ubuntu 18.04</description>
971
1051
  <example service.version="7.6p1" openssh.comment="Ubuntu-4ubuntu0.3">OpenSSH_7.6p1 Ubuntu-4ubuntu0.3</example>
@@ -979,8 +1059,9 @@
979
1059
  <param pos="0" name="os.family" value="Linux"/>
980
1060
  <param pos="0" name="os.product" value="Linux"/>
981
1061
  <param pos="0" name="os.version" value="18.04"/>
982
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
1062
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:18.04"/>
983
1063
  </fingerprint>
1064
+
984
1065
  <fingerprint pattern="^OpenSSH_(7\.7p1) (Ubuntu-4)$">
985
1066
  <description>OpenSSH running on Ubuntu 18.10</description>
986
1067
  <example service.version="7.7p1" openssh.comment="Ubuntu-4">OpenSSH_7.7p1 Ubuntu-4</example>
@@ -994,8 +1075,9 @@
994
1075
  <param pos="0" name="os.family" value="Linux"/>
995
1076
  <param pos="0" name="os.product" value="Linux"/>
996
1077
  <param pos="0" name="os.version" value="18.10"/>
997
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
1078
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:18.10"/>
998
1079
  </fingerprint>
1080
+
999
1081
  <fingerprint pattern="^OpenSSH_(7\.9p1) (Ubuntu-10)$">
1000
1082
  <description>OpenSSH running on Ubuntu 19.04</description>
1001
1083
  <example service.version="7.9p1" openssh.comment="Ubuntu-10">OpenSSH_7.9p1 Ubuntu-10</example>
@@ -1009,8 +1091,9 @@
1009
1091
  <param pos="0" name="os.family" value="Linux"/>
1010
1092
  <param pos="0" name="os.product" value="Linux"/>
1011
1093
  <param pos="0" name="os.version" value="19.04"/>
1012
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
1094
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:19.04"/>
1013
1095
  </fingerprint>
1096
+
1014
1097
  <fingerprint pattern="^OpenSSH_(8\.0p1) (Ubuntu-6build1)$">
1015
1098
  <description>OpenSSH running on Ubuntu 19.10</description>
1016
1099
  <example service.version="8.0p1" openssh.comment="Ubuntu-6build1">OpenSSH_8.0p1 Ubuntu-6build1</example>
@@ -1024,8 +1107,9 @@
1024
1107
  <param pos="0" name="os.family" value="Linux"/>
1025
1108
  <param pos="0" name="os.product" value="Linux"/>
1026
1109
  <param pos="0" name="os.version" value="19.10"/>
1027
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
1110
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:19.10"/>
1028
1111
  </fingerprint>
1112
+
1029
1113
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Ubuntu-\d\d?)$">
1030
1114
  <description>OpenSSH running on Ubuntu (unknown release)</description>
1031
1115
  <example service.version="7.6p1" openssh.comment="Ubuntu-2">OpenSSH_7.6p1 Ubuntu-2</example>
@@ -1040,6 +1124,7 @@
1040
1124
  <param pos="0" name="os.product" value="Linux"/>
1041
1125
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
1042
1126
  </fingerprint>
1127
+
1043
1128
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+((?:Debian|Ubuntu).+ubuntu.*)$">
1044
1129
  <description>OpenSSH running on Ubuntu</description>
1045
1130
  <example service.version="7.2p3" openssh.comment="Ubuntu-4ubuntu2.2">OpenSSH_7.2p3 Ubuntu-4ubuntu2.2</example>
@@ -1055,7 +1140,9 @@
1055
1140
  <param pos="0" name="os.certainty" value="0.75"/>
1056
1141
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
1057
1142
  </fingerprint>
1143
+
1058
1144
  <!-- Debian -->
1145
+
1059
1146
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+woody.*)$">
1060
1147
  <description>OpenSSH running on Debian 3.0 (woody)</description>
1061
1148
  <example service.version="3.4p1" openssh.comment="Debian 1:3.4p1-1.woody.3">OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3</example>
@@ -1069,8 +1156,9 @@
1069
1156
  <param pos="0" name="os.family" value="Linux"/>
1070
1157
  <param pos="0" name="os.product" value="Linux"/>
1071
1158
  <param pos="0" name="os.version" value="3.0"/>
1072
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
1159
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:3.0"/>
1073
1160
  </fingerprint>
1161
+
1074
1162
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+sarge.*)$">
1075
1163
  <description>OpenSSH running on Debian 3.1 (sarge)</description>
1076
1164
  <example service.version="3.8.1p1" openssh.comment="Debian-8.sarge.4">OpenSSH_3.8.1p1 Debian-8.sarge.4</example>
@@ -1084,8 +1172,9 @@
1084
1172
  <param pos="0" name="os.family" value="Linux"/>
1085
1173
  <param pos="0" name="os.product" value="Linux"/>
1086
1174
  <param pos="0" name="os.version" value="3.1"/>
1087
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
1175
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:3.1"/>
1088
1176
  </fingerprint>
1177
+
1089
1178
  <fingerprint pattern="^OpenSSH_(4\.3p2) (Debian-9.*)$">
1090
1179
  <description>OpenSSH running on Debian 4.0 (etch)</description>
1091
1180
  <example service.version="4.3p2" openssh.comment="Debian-9">OpenSSH_4.3p2 Debian-9</example>
@@ -1100,8 +1189,9 @@
1100
1189
  <param pos="0" name="os.family" value="Linux"/>
1101
1190
  <param pos="0" name="os.product" value="Linux"/>
1102
1191
  <param pos="0" name="os.version" value="4.0"/>
1103
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
1192
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:4.0"/>
1104
1193
  </fingerprint>
1194
+
1105
1195
  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-5)$">
1106
1196
  <description>OpenSSH running on Debian 5.0 (also 5.10)</description>
1107
1197
  <example service.version="5.1p1" openssh.comment="Debian-5">OpenSSH_5.1p1 Debian-5</example>
@@ -1115,8 +1205,9 @@
1115
1205
  <param pos="0" name="os.family" value="Linux"/>
1116
1206
  <param pos="0" name="os.product" value="Linux"/>
1117
1207
  <param pos="0" name="os.version" value="5.0"/>
1118
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
1208
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:5.0"/>
1119
1209
  </fingerprint>
1210
+
1120
1211
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d+[+~]squeeze.*)$">
1121
1212
  <description>OpenSSH running on Debian 6.0 (squeeze)</description>
1122
1213
  <example service.version="5.5p1" openssh.comment="Debian-6+squeeze4">OpenSSH_5.5p1 Debian-6+squeeze4</example>
@@ -1132,8 +1223,9 @@
1132
1223
  <param pos="0" name="os.family" value="Linux"/>
1133
1224
  <param pos="0" name="os.product" value="Linux"/>
1134
1225
  <param pos="0" name="os.version" value="6.0"/>
1135
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
1226
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:6.0"/>
1136
1227
  </fingerprint>
1228
+
1137
1229
  <fingerprint pattern="^OpenSSH_(5\.5p1) (Debian-6)$">
1138
1230
  <description>OpenSSH running on Debian 6.0 (w/o squeeze in banner)</description>
1139
1231
  <example service.version="5.5p1" openssh.comment="Debian-6">OpenSSH_5.5p1 Debian-6</example>
@@ -1147,9 +1239,11 @@
1147
1239
  <param pos="0" name="os.family" value="Linux"/>
1148
1240
  <param pos="0" name="os.product" value="Linux"/>
1149
1241
  <param pos="0" name="os.version" value="6.0"/>
1150
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
1242
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:6.0"/>
1151
1243
  </fingerprint>
1244
+
1152
1245
  <!-- More specific than and should preceed the 7.0 match -->
1246
+
1153
1247
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-4\+deb7u2)$">
1154
1248
  <description>OpenSSH running on Debian 7.8 (wheezy)</description>
1155
1249
  <example service.version="6.0p1" openssh.comment="Debian-4+deb7u2">OpenSSH_6.0p1 Debian-4+deb7u2</example>
@@ -1163,8 +1257,9 @@
1163
1257
  <param pos="0" name="os.family" value="Linux"/>
1164
1258
  <param pos="0" name="os.product" value="Linux"/>
1165
1259
  <param pos="0" name="os.version" value="7.8"/>
1166
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
1260
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:7.8"/>
1167
1261
  </fingerprint>
1262
+
1168
1263
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-4(?:\+deb7u\d+)?)$">
1169
1264
  <description>OpenSSH running on Debian 7.x (wheezy)</description>
1170
1265
  <example service.version="6.0p1" openssh.comment="Debian-4">OpenSSH_6.0p1 Debian-4</example>
@@ -1179,8 +1274,9 @@
1179
1274
  <param pos="0" name="os.family" value="Linux"/>
1180
1275
  <param pos="0" name="os.product" value="Linux"/>
1181
1276
  <param pos="0" name="os.version" value="7.0"/>
1182
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
1277
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:7.0"/>
1183
1278
  </fingerprint>
1279
+
1184
1280
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d~bpo7\d?\+\d+)$">
1185
1281
  <description>OpenSSH backport running on Debian 7.x (wheezy)</description>
1186
1282
  <example service.version="6.6.1p1" openssh.comment="Debian-4~bpo70+1">OpenSSH_6.6.1p1 Debian-4~bpo70+1</example>
@@ -1195,8 +1291,9 @@
1195
1291
  <param pos="0" name="os.family" value="Linux"/>
1196
1292
  <param pos="0" name="os.product" value="Linux"/>
1197
1293
  <param pos="0" name="os.version" value="7.0"/>
1198
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
1294
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:7.0"/>
1199
1295
  </fingerprint>
1296
+
1200
1297
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-5\+deb8u\d+.*)$">
1201
1298
  <description>OpenSSH running on Debian 8.x (jessie)</description>
1202
1299
  <example service.version="6.7p1" openssh.comment="Debian-5+deb8u2">OpenSSH_6.7p1 Debian-5+deb8u2</example>
@@ -1212,8 +1309,9 @@
1212
1309
  <param pos="0" name="os.family" value="Linux"/>
1213
1310
  <param pos="0" name="os.product" value="Linux"/>
1214
1311
  <param pos="0" name="os.version" value="8.0"/>
1215
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
1312
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:8.0"/>
1216
1313
  </fingerprint>
1314
+
1217
1315
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d\d?\+deb9u\d+)$">
1218
1316
  <description>OpenSSH running on Debian 9.x (stretch)</description>
1219
1317
  <example service.version="7.4p1" openssh.comment="Debian-10+deb9u1">OpenSSH_7.4p1 Debian-10+deb9u1</example>
@@ -1228,8 +1326,9 @@
1228
1326
  <param pos="0" name="os.family" value="Linux"/>
1229
1327
  <param pos="0" name="os.product" value="Linux"/>
1230
1328
  <param pos="0" name="os.version" value="9.0"/>
1231
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
1329
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:9.0"/>
1232
1330
  </fingerprint>
1331
+
1233
1332
  <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10|Debian-\d\d?\+deb10u\d+)$">
1234
1333
  <description>OpenSSH running on Debian 10.x (buster)</description>
1235
1334
  <example service.version="7.9p1" openssh.comment="Debian-10">OpenSSH_7.9p1 Debian-10</example>
@@ -1244,8 +1343,9 @@
1244
1343
  <param pos="0" name="os.family" value="Linux"/>
1245
1344
  <param pos="0" name="os.product" value="Linux"/>
1246
1345
  <param pos="0" name="os.version" value="10.0"/>
1247
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
1346
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.0"/>
1248
1347
  </fingerprint>
1348
+
1249
1349
  <fingerprint pattern="^OpenSSH_(8\.1p1) (Debian-1|Debian-\d\d?\+deb11u\d+)$">
1250
1350
  <description>OpenSSH running on Debian 11.x (bullseye)</description>
1251
1351
  <example service.version="8.1p1" openssh.comment="Debian-1">OpenSSH_8.1p1 Debian-1</example>
@@ -1260,8 +1360,9 @@
1260
1360
  <param pos="0" name="os.family" value="Linux"/>
1261
1361
  <param pos="0" name="os.product" value="Linux"/>
1262
1362
  <param pos="0" name="os.version" value="11.0"/>
1263
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
1363
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:11.0"/>
1264
1364
  </fingerprint>
1365
+
1265
1366
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d+(?:[~]?bpo[.]?\d+)?)$">
1266
1367
  <description>OpenSSH running on Debian (unknown release)</description>
1267
1368
  <example service.version="4.3p2" openssh.comment="Debian-5~bpo.1">OpenSSH_4.3p2 Debian-5~bpo.1</example>
@@ -1278,7 +1379,9 @@
1278
1379
  <param pos="0" name="os.product" value="Linux"/>
1279
1380
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:-"/>
1280
1381
  </fingerprint>
1382
+
1281
1383
  <!-- Raspbian -->
1384
+
1282
1385
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-5\+deb8u\d+)$">
1283
1386
  <description>OpenSSH running on Raspbian (Debian 8 "Jessie" based)</description>
1284
1387
  <example service.version="6.7p1" openssh.comment="Raspbian-5+deb8u1">OpenSSH_6.7p1 Raspbian-5+deb8u1</example>
@@ -1295,6 +1398,7 @@
1295
1398
  <param pos="0" name="os.version" value="8.0"/>
1296
1399
  <param pos="0" name="hw.product" value="Raspberry Pi"/>
1297
1400
  </fingerprint>
1401
+
1298
1402
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-\d\d?\+deb9u\d+)$">
1299
1403
  <description>OpenSSH running on Raspbian (Debian 9 "Stretch" based)</description>
1300
1404
  <example service.version="7.4p1" openssh.comment="Raspbian-10+deb9u1">OpenSSH_7.4p1 Raspbian-10+deb9u1</example>
@@ -1311,6 +1415,7 @@
1311
1415
  <param pos="0" name="os.version" value="9.0"/>
1312
1416
  <param pos="0" name="hw.product" value="Raspberry Pi"/>
1313
1417
  </fingerprint>
1418
+
1314
1419
  <fingerprint pattern="^OpenSSH_(7\.9p1)\s+(Raspbian-(?:10|\d\d?\+deb10u\d+))$">
1315
1420
  <description>OpenSSH running on Raspbian (Debian 10 "Buster" based)</description>
1316
1421
  <example service.version="7.9p1" openssh.comment="Raspbian-10">OpenSSH_7.9p1 Raspbian-10</example>
@@ -1327,6 +1432,7 @@
1327
1432
  <param pos="0" name="os.version" value="10.0"/>
1328
1433
  <param pos="0" name="hw.product" value="Raspberry Pi"/>
1329
1434
  </fingerprint>
1435
+
1330
1436
  <fingerprint pattern="^OpenSSH_(8\.1p1)\s+(Raspbian-(?:1|\d\d?\+deb11u\d+))$">
1331
1437
  <description>OpenSSH running on Raspbian (Debian 11 "Bullseye" based)</description>
1332
1438
  <example service.version="8.1p1" openssh.comment="Raspbian-1">OpenSSH_8.1p1 Raspbian-1</example>
@@ -1343,6 +1449,7 @@
1343
1449
  <param pos="0" name="os.version" value="11.0"/>
1344
1450
  <param pos="0" name="hw.product" value="Raspberry Pi"/>
1345
1451
  </fingerprint>
1452
+
1346
1453
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-\d\d?)$">
1347
1454
  <description>OpenSSH running on Raspbian (Debian, unknown release)</description>
1348
1455
  <example service.version="7.5p1" openssh.comment="Raspbian-10">OpenSSH_7.5p1 Raspbian-10</example>
@@ -1358,7 +1465,9 @@
1358
1465
  <param pos="0" name="os.product" value="Linux"/>
1359
1466
  <param pos="0" name="hw.product" value="Raspberry Pi"/>
1360
1467
  </fingerprint>
1468
+
1361
1469
  <!-- Miscellaneous -->
1470
+
1362
1471
  <fingerprint pattern="^OpenSSH_(.*)\+(CAN-[0-9]{4}-[0-9]{4})$">
1363
1472
  <description>OpenSSH with CVE patch, as seen in Mac OS X</description>
1364
1473
  <example service.version="3.4p1" openssh.cvepatch="CAN-2004-0175">OpenSSH_3.4p1+CAN-2004-0175</example>
@@ -1373,6 +1482,7 @@
1373
1482
  <param pos="0" name="os.product" value="Mac OS X"/>
1374
1483
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:-"/>
1375
1484
  </fingerprint>
1485
+
1376
1486
  <fingerprint pattern="^OpenSSH_(.*)_Mikrotik_v(.*)$">
1377
1487
  <description>OpenSSH on MikroTik</description>
1378
1488
  <example service.version="2.3.0" os.version="2.9">OpenSSH_2.3.0_Mikrotik_v2.9</example>
@@ -1388,6 +1498,7 @@
1388
1498
  <param pos="0" name="os.product" value="RouterOS"/>
1389
1499
  <param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:{os.version}"/>
1390
1500
  </fingerprint>
1501
+
1391
1502
  <fingerprint pattern="^OpenSSH_(.*)-HipServ$">
1392
1503
  <description>OpenSSH on HipServ</description>
1393
1504
  <example service.version="4.3">OpenSSH_4.3-HipServ</example>
@@ -1401,6 +1512,7 @@
1401
1512
  <param pos="0" name="os.family" value="Linux"/>
1402
1513
  <param pos="0" name="os.product" value="HipServ"/>
1403
1514
  </fingerprint>
1515
+
1404
1516
  <fingerprint pattern="^OpenSSH_for_Windows_([\d.]+)$">
1405
1517
  <description>OpenSSH running on Windows</description>
1406
1518
  <example service.version="7.7">OpenSSH_for_Windows_7.7</example>
@@ -1412,7 +1524,9 @@
1412
1524
  <param pos="0" name="os.vendor" value="Microsoft"/>
1413
1525
  <param pos="0" name="os.family" value="Windows"/>
1414
1526
  <param pos="0" name="os.product" value="Windows"/>
1527
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1415
1528
  </fingerprint>
1529
+
1416
1530
  <fingerprint pattern="^OpenSSH_(.*) in DesktopAuthority (?:.*)$">
1417
1531
  <description>DesktopAuthority SSH</description>
1418
1532
  <example service.version="3.8">OpenSSH_3.8 in DesktopAuthority 7.1.091</example>
@@ -1426,6 +1540,7 @@
1426
1540
  <param pos="0" name="os.product" value="Windows"/>
1427
1541
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1428
1542
  </fingerprint>
1543
+
1429
1544
  <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?) ((?:PKIX\s+)?FIPS)$">
1430
1545
  <description>OpenSSH with a version and FIPS mode enabled</description>
1431
1546
  <example service.version="5.9" openssh.comment="FIPS">OpenSSH_5.9 FIPS</example>
@@ -1438,6 +1553,7 @@
1438
1553
  <param pos="0" name="service.product" value="OpenSSH"/>
1439
1554
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1440
1555
  </fingerprint>
1556
+
1441
1557
  <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?) *$">
1442
1558
  <description>OpenSSH with just a version, no comment by vendor</description>
1443
1559
  <example service.version="5.9p1">OpenSSH_5.9p1</example>
@@ -1450,6 +1566,7 @@
1450
1566
  <param pos="0" name="service.product" value="OpenSSH"/>
1451
1567
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1452
1568
  </fingerprint>
1569
+
1453
1570
  <fingerprint pattern="^OpenSSH$">
1454
1571
  <description>OpenSSH w/o version or comment</description>
1455
1572
  <example>OpenSSH</example>
@@ -1458,7 +1575,9 @@
1458
1575
  <param pos="0" name="service.product" value="OpenSSH"/>
1459
1576
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:-"/>
1460
1577
  </fingerprint>
1578
+
1461
1579
  <!-- SSH-1.99-OpenSSH_4.3p2-4.cern-hpn-CERN-4.3p2-4.cern -->
1580
+
1462
1581
  <!--<fingerprint pattern="^OpenSSH_?([^\s]*)\s*(.*)$">
1463
1582
  <description>Catch all for OpenSSH based SSH servers
1464
1583
  ******************** NOTE ********************
@@ -1471,8 +1590,12 @@
1471
1590
  <param pos="0" name="service.vendor" value="OpenBSD"/>
1472
1591
  <param pos="0" name="service.family" value="OpenSSH"/>
1473
1592
  <param pos="0" name="service.product" value="OpenSSH"/>
1474
- </fingerprint>-->
1593
+ </fingerprint>
1594
+
1595
+ -->
1596
+
1475
1597
  <!-- TODO: Handle "vpn3" banners for Cisco 3000 VPN Concentrators (need example banners first) -->
1598
+
1476
1599
  <fingerprint pattern="^Cisco-(.*)$">
1477
1600
  <description>Cisco SSH banner (could be IOS or PIX), The version always seems to be 1.25</description>
1478
1601
  <example service.version="1.25">Cisco-1.25</example>
@@ -1484,15 +1607,17 @@
1484
1607
  <param pos="0" name="os.certainty" value="0.8"/>
1485
1608
  <param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:-"/>
1486
1609
  </fingerprint>
1610
+
1487
1611
  <fingerprint pattern="^CISCO_WLC$">
1488
1612
  <description>SSH banner from a Cisco WLC (WLC)</description>
1489
1613
  <example>CISCO_WLC</example>
1490
1614
  <param pos="0" name="service.vendor" value="Cisco"/>
1491
1615
  <param pos="0" name="service.product" value="SSH"/>
1492
1616
  <param pos="0" name="os.vendor" value="Cisco"/>
1493
- <param pos="0" name="os.product" value="Wireless Controller"/>
1617
+ <param pos="0" name="os.product" value="Wireless LAN Controller"/>
1494
1618
  <param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller:-"/>
1495
1619
  </fingerprint>
1620
+
1496
1621
  <fingerprint pattern="(?i)^Cleo (\S+)/(\S+) SSH FTP server$">
1497
1622
  <description>Cleo networks Harmony, VLProxy, VLTrader, others</description>
1498
1623
  <example service.product="Harmony" service.version="5.5.0.3">Cleo Harmony/5.5.0.3 SSH FTP server</example>
@@ -1501,6 +1626,7 @@
1501
1626
  <param pos="1" name="service.product"/>
1502
1627
  <param pos="2" name="service.version"/>
1503
1628
  </fingerprint>
1629
+
1504
1630
  <fingerprint pattern="^Sun_SSH_(.*)$">
1505
1631
  <description>Sun SSH banner</description>
1506
1632
  <example service.version="1.1">Sun_SSH_1.1</example>
@@ -1512,6 +1638,7 @@
1512
1638
  <param pos="0" name="os.product" value="Solaris"/>
1513
1639
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:-"/>
1514
1640
  </fingerprint>
1641
+
1515
1642
  <fingerprint pattern="^SSH Protocol Compatible Server SCS (.*)$">
1516
1643
  <description>Netscreen with version</description>
1517
1644
  <param pos="1" name="service.version"/>
@@ -1524,6 +1651,7 @@
1524
1651
  <param pos="0" name="os.product" value="ScreenOS"/>
1525
1652
  <param pos="0" name="os.cpe23" value="cpe:/o:juniper:screenos:-"/>
1526
1653
  </fingerprint>
1654
+
1527
1655
  <fingerprint pattern="^NetScreen$">
1528
1656
  <description>Netscreen generic</description>
1529
1657
  <example>NetScreen</example>
@@ -1536,11 +1664,13 @@
1536
1664
  <param pos="0" name="os.product" value="ScreenOS"/>
1537
1665
  <param pos="0" name="os.cpe23" value="cpe:/o:juniper:screenos:-"/>
1538
1666
  </fingerprint>
1667
+
1539
1668
  <fingerprint pattern="^HUAWEI-(?:[\d\.]+)$">
1540
1669
  <description>Huawei generic</description>
1541
1670
  <example>HUAWEI-1.5</example>
1542
1671
  <param pos="0" name="hw.vendor" value="Huawei"/>
1543
1672
  </fingerprint>
1673
+
1544
1674
  <fingerprint pattern="^HUAWEI-UMG(\d+)">
1545
1675
  <description>Huawei Universal Media Gateway</description>
1546
1676
  <example hw.model="8900">HUAWEI-UMG8900</example>
@@ -1549,6 +1679,7 @@
1549
1679
  <param pos="0" name="hw.device" value="Telecom"/>
1550
1680
  <param pos="1" name="hw.model"/>
1551
1681
  </fingerprint>
1682
+
1552
1683
  <fingerprint pattern="^HUAWEI.VRP.([\d\.]+)$">
1553
1684
  <description>Huawei Versatile Routing Platform (VRP)</description>
1554
1685
  <example os.version="3.10" service.version="3.10">HUAWEI-VRP-3.10</example>
@@ -1563,6 +1694,7 @@
1563
1694
  <param pos="0" name="os.product" value="VRP"/>
1564
1695
  <param pos="1" name="os.version"/>
1565
1696
  </fingerprint>
1697
+
1566
1698
  <fingerprint pattern="^([\d.]+)[ _]sshlib:? (?i:GlobalScape)$">
1567
1699
  <description>GlobalScape SSH (which uses Bitvise sshlib)</description>
1568
1700
  <example service.component.version="1.36">1.36_sshlib GlobalSCAPE</example>
@@ -1580,6 +1712,7 @@
1580
1712
  <param pos="0" name="os.product" value="Windows"/>
1581
1713
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1582
1714
  </fingerprint>
1715
+
1583
1716
  <fingerprint pattern="^([^\s]+) sshlib: WinSSHD (.*)$">
1584
1717
  <description>Bitvise WinSSHD (which uses Bitvise sshlib)</description>
1585
1718
  <example service.component.version="1.78" service.version="4.15a">1.78 sshlib: WinSSHD 4.15a</example>
@@ -1596,6 +1729,7 @@
1596
1729
  <param pos="0" name="os.product" value="Windows"/>
1597
1730
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1598
1731
  </fingerprint>
1732
+
1599
1733
  <fingerprint pattern="^([^\s]+) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD) ([\d\.]+):?.*$">
1600
1734
  <description>Bitvise WinSSHD (which uses Bitvise flowssh) with version</description>
1601
1735
  <example service.version="5.09" service.component.version="1.03">1.03 FlowSsh: WinSSHD 5.09</example>
@@ -1614,6 +1748,7 @@
1614
1748
  <param pos="0" name="os.product" value="Windows"/>
1615
1749
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1616
1750
  </fingerprint>
1751
+
1617
1752
  <fingerprint pattern="^([^\s]+) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD)(?: :.*)?$">
1618
1753
  <description>Bitvise WinSSHD (which uses Bitvise flowssh) without version</description>
1619
1754
  <example service.component.version="9.99">9.99 FlowSsh: Bitvise SSH Server (WinSSHD)</example>
@@ -1630,6 +1765,7 @@
1630
1765
  <param pos="0" name="os.product" value="Windows"/>
1631
1766
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1632
1767
  </fingerprint>
1768
+
1633
1769
  <fingerprint pattern="^([^\s]+) sshlib: MOVEit DMZ SSH (.*)$">
1634
1770
  <description>MOVEit DMZ (which uses Bitvise sshlib)</description>
1635
1771
  <param pos="1" name="service.component.version"/>
@@ -1645,6 +1781,7 @@
1645
1781
  <param pos="0" name="os.product" value="Windows"/>
1646
1782
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1647
1783
  </fingerprint>
1784
+
1648
1785
  <fingerprint pattern="^paramiko_([\d\.]+).*$">
1649
1786
  <description>Paramiko</description>
1650
1787
  <example service.version="2.1.3">paramiko_2.1.3 501 command not implemented ERROR</example>
@@ -1652,7 +1789,9 @@
1652
1789
  <param pos="0" name="service.vendor" value="Paramiko"/>
1653
1790
  <param pos="0" name="service.product" value="Paramiko"/>
1654
1791
  <param pos="1" name="service.version"/>
1792
+ <param pos="0" name="service.cpe23" value="cpe:/a:paramiko:paramiko:{service.version}"/>
1655
1793
  </fingerprint>
1794
+
1656
1795
  <fingerprint pattern="^Pragma SecureShell\s*(.*)$">
1657
1796
  <description>Pragma SecureShell</description>
1658
1797
  <param pos="1" name="service.version"/>
@@ -1664,6 +1803,7 @@
1664
1803
  <param pos="0" name="os.product" value="Windows"/>
1665
1804
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1666
1805
  </fingerprint>
1806
+
1667
1807
  <fingerprint pattern="^Pragma FortressSSH\s+([\d.]+)(?:\s+\[([\d.:]+)\])?$">
1668
1808
  <description>Pragma FortressSSH</description>
1669
1809
  <example service.version="5.0.9.2031">Pragma FortressSSH 5.0.9.2031</example>
@@ -1678,6 +1818,7 @@
1678
1818
  <param pos="0" name="os.product" value="Windows"/>
1679
1819
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1680
1820
  </fingerprint>
1821
+
1681
1822
  <fingerprint pattern="^RebexSSH_([\d\.]+)$">
1682
1823
  <description>Rbex SSH</description>
1683
1824
  <example service.version="1.0.5.25508">RebexSSH_1.0.5.25508</example>
@@ -1685,12 +1826,14 @@
1685
1826
  <param pos="0" name="service.product" value="SSH"/>
1686
1827
  <param pos="1" name="service.version"/>
1687
1828
  </fingerprint>
1829
+
1688
1830
  <fingerprint pattern="^RGOS_\S+$">
1689
1831
  <description>Ruijie Networks SSH</description>
1690
1832
  <example>RGOS_SSH_1.0</example>
1691
1833
  <example>RGOS_PK3223</example>
1692
1834
  <param pos="0" name="hw.vendor" value="Ruijie"/>
1693
1835
  </fingerprint>
1836
+
1694
1837
  <fingerprint pattern="^VShell_(?:Special_Edition_)?(\d+)_(\d+)_(\d+)_(\d+) VShell$">
1695
1838
  <description>VanDyke VShell - detailed variant</description>
1696
1839
  <example service.version="3" service.version.version="6" service.version.version.version="2" service.version.version.version.version="446">VShell_3_6_2_446 VShell</example>
@@ -1704,6 +1847,7 @@
1704
1847
  <param pos="0" name="service.product" value="VShell"/>
1705
1848
  <param pos="0" name="service.cpe23" value="cpe:/a:vandyke:vshell:{service.version}"/>
1706
1849
  </fingerprint>
1850
+
1707
1851
  <fingerprint pattern="^([\s]*)\s*VShell$">
1708
1852
  <description>VanDyke VShell</description>
1709
1853
  <param pos="1" name="service.version"/>
@@ -1712,6 +1856,7 @@
1712
1856
  <param pos="0" name="service.product" value="VShell"/>
1713
1857
  <param pos="0" name="service.cpe23" value="cpe:/a:vandyke:vshell:{service.version}"/>
1714
1858
  </fingerprint>
1859
+
1715
1860
  <fingerprint pattern="^WRQReflection(?i:F)orSecureIT_(.*)$">
1716
1861
  <description>Attachmate Reflection (formerly WRQ Reflection for Secure IT)</description>
1717
1862
  <example service.version="6.1 Build 21">WRQReflectionForSecureIT_6.1 Build 21</example>
@@ -1721,6 +1866,7 @@
1721
1866
  <param pos="0" name="service.family" value="Reflection"/>
1722
1867
  <param pos="0" name="service.product" value="Reflection"/>
1723
1868
  </fingerprint>
1869
+
1724
1870
  <fingerprint pattern="^([^\s]*)\s*F-Secure SSH\s*(?:.*)$">
1725
1871
  <description>Attachmate Reflection (formerly F-Secure SSH)</description>
1726
1872
  <example service.version="3.2.3">3.2.3 F-Secure SSH Windows NT Server</example>
@@ -1729,6 +1875,7 @@
1729
1875
  <param pos="0" name="service.family" value="Reflection"/>
1730
1876
  <param pos="0" name="service.product" value="Reflection"/>
1731
1877
  </fingerprint>
1878
+
1732
1879
  <fingerprint pattern="^([^\s]*)\s*SSH Tectia Server$">
1733
1880
  <description>SSH Communications Security Tectia Server - branded</description>
1734
1881
  <example service.version="6.4.12.353">6.4.12.353 SSH Tectia Server</example>
@@ -1737,6 +1884,7 @@
1737
1884
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
1738
1885
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
1739
1886
  </fingerprint>
1887
+
1740
1888
  <fingerprint pattern="^([0-9\.]+) SSH Secure Shell(?: \(non-commercial\))?$">
1741
1889
  <description>SSH Communications Security Tectia Server</description>
1742
1890
  <example service.version="3.2.9.1">3.2.9.1 SSH Secure Shell (non-commercial)</example>
@@ -1747,6 +1895,7 @@
1747
1895
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
1748
1896
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
1749
1897
  </fingerprint>
1898
+
1750
1899
  <fingerprint pattern="^([0-9\.]+) SSH Secure Shell Windows NT Server$">
1751
1900
  <description>Unknown Windows SSH server</description>
1752
1901
  <example service.version="4.0.3">4.0.3 SSH Secure Shell Windows NT Server</example>
@@ -1759,6 +1908,7 @@
1759
1908
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
1760
1909
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
1761
1910
  </fingerprint>
1911
+
1762
1912
  <fingerprint pattern="^ARRIS_(.*)$">
1763
1913
  <description>ARRIS device (though not clear which) - www.arrisi.com</description>
1764
1914
  <example service.version="0.50">ARRIS_0.50</example>
@@ -1767,6 +1917,7 @@
1767
1917
  <param pos="0" name="service.product" value="ARRIS"/>
1768
1918
  <param pos="0" name="os.vendor" value="ARRIS"/>
1769
1919
  </fingerprint>
1920
+
1770
1921
  <fingerprint pattern="^Mocana SSH\s?(?:([\d.]+))?$">
1771
1922
  <description>Mocana Embedded SSH</description>
1772
1923
  <example service.version="5.3.1">Mocana SSH 5.3.1</example>
@@ -1776,6 +1927,7 @@
1776
1927
  <param pos="0" name="service.family" value="Embedded SSH Server"/>
1777
1928
  <param pos="0" name="service.product" value="Embedded SSH Server"/>
1778
1929
  </fingerprint>
1930
+
1779
1931
  <fingerprint pattern="^FreSSH\.(.*)$">
1780
1932
  <description>FreSSH</description>
1781
1933
  <example service.version="0.8">FreSSH.0.8</example>
@@ -1783,6 +1935,7 @@
1783
1935
  <param pos="0" name="service.family" value="FreSSH"/>
1784
1936
  <param pos="0" name="service.product" value="FreSSH"/>
1785
1937
  </fingerprint>
1938
+
1786
1939
  <fingerprint pattern="^RomCliSecure_(.*)$">
1787
1940
  <description>RomCliSecure appears to be the Adtran NetVanta products</description>
1788
1941
  <example service.version="4.12">RomCliSecure_4.12</example>
@@ -1794,6 +1947,7 @@
1794
1947
  <param pos="0" name="os.family" value="NetVanta"/>
1795
1948
  <param pos="0" name="os.product" value="NetVanta"/>
1796
1949
  </fingerprint>
1950
+
1797
1951
  <fingerprint pattern="^.*MultiNet.*$">
1798
1952
  <description>Process Software MultiNet is a suite of network apps for OpenVMS</description>
1799
1953
  <param pos="0" name="service.vendor" value="Process Software"/>
@@ -1804,20 +1958,27 @@
1804
1958
  <param pos="0" name="os.product" value="OpenVMS"/>
1805
1959
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:-"/>
1806
1960
  </fingerprint>
1961
+
1807
1962
  <fingerprint pattern="^dropbear$">
1808
1963
  <description>Dropbear w/o version - http://matt.ucc.asn.au/dropbear/dropbear.html</description>
1809
1964
  <example>dropbear</example>
1965
+ <param pos="0" name="service.vendor" value="Dropbear SSH Project"/>
1810
1966
  <param pos="0" name="service.family" value="Dropbear"/>
1811
- <param pos="0" name="service.product" value="Dropbear"/>
1967
+ <param pos="0" name="service.product" value="Dropbear SSH"/>
1968
+ <param pos="0" name="service.cpe23" value="cpe:/a:dropbear_ssh_project:dropbear_ssh:-"/>
1812
1969
  </fingerprint>
1970
+
1813
1971
  <fingerprint pattern="^dropbear_(.*)$">
1814
1972
  <description>Dropbear - http://matt.ucc.asn.au/dropbear/dropbear.html</description>
1815
1973
  <example service.version="2015.67">dropbear_2015.67</example>
1816
1974
  <example service.version="0.49">dropbear_0.49</example>
1817
1975
  <param pos="1" name="service.version"/>
1976
+ <param pos="0" name="service.vendor" value="Dropbear SSH Project"/>
1818
1977
  <param pos="0" name="service.family" value="Dropbear"/>
1819
- <param pos="0" name="service.product" value="Dropbear"/>
1978
+ <param pos="0" name="service.product" value="Dropbear SSH"/>
1979
+ <param pos="0" name="service.cpe23" value="cpe:/a:dropbear_ssh_project:dropbear_ssh:{service.version}"/>
1820
1980
  </fingerprint>
1981
+
1821
1982
  <fingerprint pattern="^lancom$">
1822
1983
  <description>LANCOM Systems - http://www.lancom-systems.de/</description>
1823
1984
  <example>lancom</example>
@@ -1826,6 +1987,7 @@
1826
1987
  <param pos="0" name="service.product" value="SSH"/>
1827
1988
  <param pos="0" name="os.vendor" value="LANCOM Systems"/>
1828
1989
  </fingerprint>
1990
+
1829
1991
  <fingerprint pattern="^0$">
1830
1992
  <description>MOVEit DMZ</description>
1831
1993
  <example>0</example>
@@ -1837,6 +1999,7 @@
1837
1999
  <param pos="0" name="os.product" value="Windows"/>
1838
2000
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1839
2001
  </fingerprint>
2002
+
1840
2003
  <fingerprint pattern="^Comware-(\d+\.?\d*\.?\d*)$">
1841
2004
  <description>SSH on H3C Comware</description>
1842
2005
  <example os.version="5.20.105">Comware-5.20.105</example>
@@ -1849,6 +2012,7 @@
1849
2012
  <param pos="0" name="os.family" value="Comware"/>
1850
2013
  <param pos="1" name="os.version"/>
1851
2014
  </fingerprint>
2015
+
1852
2016
  <fingerprint pattern="^Data ONTAP SSH [\d\.]+$">
1853
2017
  <description>SSH NetApp appliances</description>
1854
2018
  <example>Data ONTAP SSH 1.0</example>
@@ -1857,12 +2021,13 @@
1857
2021
  <param pos="0" name="os.product" value="Data ONTAP"/>
1858
2022
  <param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:-"/>
1859
2023
  </fingerprint>
2024
+
1860
2025
  <fingerprint pattern="^(\d\.\d+\.\d+) SSH Secure Shell OpenVMS V\d+\.\d+$">
1861
2026
  <description>SSH for OpenVMS</description>
1862
2027
  <example service.component.version="3.2.0">3.2.0 SSH Secure Shell OpenVMS V5.5</example>
1863
2028
  <example service.component.version="2.4.1">2.4.1 SSH Secure Shell OpenVMS V1.0</example>
1864
2029
  <param pos="1" name="service.component.version"/>
1865
- <param pos="0" name="service.component.vendor" value="SSH Communication Security"/>
2030
+ <param pos="0" name="service.component.vendor" value="SSH Communications Security"/>
1866
2031
  <param pos="0" name="service.component.family" value="SSH Secure Shell"/>
1867
2032
  <param pos="0" name="service.component.product" value="SSH Secure Shell"/>
1868
2033
  <param pos="0" name="service.vendor" value="HP"/>
@@ -1874,12 +2039,13 @@
1874
2039
  <param pos="0" name="os.certainty" value="0.75"/>
1875
2040
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:-"/>
1876
2041
  </fingerprint>
2042
+
1877
2043
  <fingerprint pattern="^(\d\.\d+\.\d+) SSH (?:Secure Shell )?OpenVMS V\d\.\d VMS_sftp_version (\d)$">
1878
2044
  <description>SSH for OpenVMS sftp</description>
1879
2045
  <example service.component.version="3.2.0" service.version="3">3.2.0 SSH Secure Shell OpenVMS V5.5 VMS_sftp_version 3</example>
1880
2046
  <example service.component.version="3.2.0" service.version="3">3.2.0 SSH OpenVMS V5.5 VMS_sftp_version 3</example>
1881
2047
  <param pos="1" name="service.component.version"/>
1882
- <param pos="0" name="service.component.vendor" value="SSH Communication Security"/>
2048
+ <param pos="0" name="service.component.vendor" value="SSH Communications Security"/>
1883
2049
  <param pos="0" name="service.component.family" value="SSH Secure Shell"/>
1884
2050
  <param pos="0" name="service.component.product" value="SSH Secure Shell"/>
1885
2051
  <param pos="0" name="service.vendor" value="HP"/>
@@ -1890,14 +2056,16 @@
1890
2056
  <param pos="0" name="os.family" value="OpenVMS"/>
1891
2057
  <param pos="0" name="os.certainty" value="0.75"/>
1892
2058
  </fingerprint>
2059
+
1893
2060
  <fingerprint pattern="^\S+ SSH Secure Shell Tru64 UNIX$">
1894
2061
  <description>Digital/Compaq/HP Tru64 Unix</description>
1895
2062
  <example>3.2.0 SSH Secure Shell Tru64 UNIX</example>
1896
2063
  <param pos="0" name="os.vendor" value="HP"/>
1897
2064
  <param pos="0" name="os.family" value="Unix"/>
1898
2065
  <param pos="0" name="os.product" value="Tru64 Unix"/>
1899
- <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64:-"/>
2066
+ <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64_unix:-"/>
1900
2067
  </fingerprint>
2068
+
1901
2069
  <fingerprint pattern="^ROSSSH$">
1902
2070
  <description>MikroTik RouterOS sshd</description>
1903
2071
  <example>ROSSSH</example>
@@ -1907,9 +2075,11 @@
1907
2075
  <param pos="0" name="os.product" value="RouterOS"/>
1908
2076
  <param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:-"/>
1909
2077
  </fingerprint>
2078
+
1910
2079
  <!-- xlightftpd is an ftp server that also supports SFTP. The SFTP
1911
2080
  server appears in ssh studies, thus this banner is here, and
1912
2081
  not in ftp_banners.xml-->
2082
+
1913
2083
  <fingerprint pattern="^xlightftpd_release_([\d.]+)$">
1914
2084
  <description>Xlight FTP Server</description>
1915
2085
  <example service.version="3.8.3.6.1">xlightftpd_release_3.8.3.6.1</example>
@@ -1922,6 +2092,7 @@
1922
2092
  <param pos="0" name="os.product" value="Windows"/>
1923
2093
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1924
2094
  </fingerprint>
2095
+
1925
2096
  <fingerprint pattern="^libssh[-_]([\d.]+)$">
1926
2097
  <description>SSH server utilising libssh</description>
1927
2098
  <example service.version="0.6.0">libssh-0.6.0</example>
@@ -1932,6 +2103,7 @@
1932
2103
  <param pos="0" name="service.vendor" value="libssh"/>
1933
2104
  <param pos="0" name="service.cpe23" value="cpe:/a:libssh:libssh:{service.version}"/>
1934
2105
  </fingerprint>
2106
+
1935
2107
  <fingerprint pattern="^WeOnlyDo ([\d.]+)$">
1936
2108
  <description>WeOnlyDo with version</description>
1937
2109
  <example service.version="1.2.7">WeOnlyDo 1.2.7</example>
@@ -1941,8 +2113,8 @@
1941
2113
  <param pos="0" name="service.family" value="WeOnlyDo"/>
1942
2114
  <param pos="0" name="service.vendor" value="WeOnlyDo"/>
1943
2115
  <param pos="0" name="service.product" value="WeOnlyDo SSH Server"/>
1944
- <param pos="0" name="service.cpe23" value="cpe:/a:weonlydo:weonlydo:{service.version}"/>
1945
2116
  </fingerprint>
2117
+
1946
2118
  <fingerprint pattern="^WeOnlyDo ([\d.]+) \(FIPS\)$">
1947
2119
  <description>WeOnlyDo with version with FIPS mode enabled</description>
1948
2120
  <example service.version="2.2.9">WeOnlyDo 2.2.9 (FIPS)</example>
@@ -1951,8 +2123,8 @@
1951
2123
  <param pos="0" name="service.family" value="WeOnlyDo"/>
1952
2124
  <param pos="0" name="service.vendor" value="WeOnlyDo"/>
1953
2125
  <param pos="0" name="service.product" value="WeOnlyDo SSH Server"/>
1954
- <param pos="0" name="service.cpe23" value="cpe:/a:weonlydo:weonlydo:{service.version}"/>
1955
2126
  </fingerprint>
2127
+
1956
2128
  <!--
1957
2129
  1.2.22j4rad
1958
2130
  2.40
@@ -1961,8 +2133,10 @@ Server-VII
1961
2133
  9.9.1
1962
2134
  IPSSH-1.10.0
1963
2135
  -->
2136
+
1964
2137
  <!--
1965
2138
  Possibly Nortel Passport
1966
2139
  SSH_2.1.1
1967
2140
  -->
1968
- </fingerprints>
2141
+
2142
+ </fingerprints>