recog 2.1.20 → 2.1.21

data/xml/smtp_debug.xml

@@ -1,14 +1,14 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!--
-SMTP response lines to the DEBUG command are matched against these patterns
-(1 line at a time) to fingerprint SMTP servers.
+<fingerprints protocol="smtp" database_type="service" preference="0.14">
+  <!--
+  SMTP response lines to the DEBUG command are matched against these patterns
+  (1 line at a time) to fingerprint SMTP servers.
 
-See comment at the top of smtp_banners.xml for additional info.
+  See comment at the top of smtp_banners.xml for additional info.
 
-'preference' note: This value has been set so as to implement the ordering
-  of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
--->
-<fingerprints protocol="smtp" database_type="service" preference="0.14">
+  'preference' note: This value has been set so as to implement the ordering
+    of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
+  -->
   <fingerprint pattern="^500 No way!$">
     <description>
          Exim
@@ -17,6 +17,7 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="exim"/>
     <param pos="0" name="service.family" value="exim"/>
     <param pos="0" name="service.product" value="exim"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:exim:exim:-"/>
   </fingerprint>
   <fingerprint pattern="^250[ -] *Debug set -NOT!$">
     <description>
@@ -36,10 +37,12 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="Alt-N"/>
     <param pos="0" name="service.family" value="MDaemon"/>
     <param pos="0" name="service.product" value="MDaemon"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:altn:mdaemon:-"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.device" value="General"/>
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.arch" value="x86"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
 </fingerprints>

data/xml/smtp_ehlo.xml

@@ -1,22 +1,23 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!--
-SMTP response lines to the EHLO command are matched against these patterns
-(1 line at a time) to fingerprint SMTP servers.
+<fingerprints protocol="smtp" database_type="service" preference="0.19">
+  <!--
+  SMTP response lines to the EHLO command are matched against these patterns
+  (1 line at a time) to fingerprint SMTP servers.
 
-See comment at the top of smtp_banners.xml for additional info.
+  See comment at the top of smtp_banners.xml for additional info.
 
-'preference' note: This value has been set so as to implement the ordering
-  of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
--->
-<fingerprints protocol="smtp" database_type="service" preference='0.19'>
+  'preference' note: This value has been set so as to implement the ordering
+    of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
+  -->
   <fingerprint pattern="^500[ -]Syntax error, command &quot;XXXX&quot; unrecognized$">
     <description>
          Cisco PIX changes the command letters to 'X' before passing
          them to the real SMTP server.
       </description>
-    <param pos="0" name="service.vendor" value="Cisco"/>
-    <param pos="0" name="service.family" value="PIX"/>
-    <param pos="0" name="service.product" value="PIX"/>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.family" value="PIX"/>
+    <param pos="0" name="os.product" value="PIX"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:pix_firewall_software:-"/>
   </fingerprint>
   <!--
    Don't try to infer a fingerprint from XEXCH50, because if we do, it might overwrite
@@ -44,10 +45,12 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="Alt-N"/>
     <param pos="0" name="service.family" value="MDaemon"/>
     <param pos="0" name="service.product" value="MDaemon"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:altn:mdaemon:-"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.device" value="General"/>
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.arch" value="x86"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
 </fingerprints>

data/xml/smtp_expn.xml

@@ -1,22 +1,23 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!--
-SMTP response lines to the EXPN command are matched against these patterns
-(1 line at a time) to fingerprint SMTP servers.
+<fingerprints protocol="smtp" database_type="service" preference="0.16">
+  <!--
+  SMTP response lines to the EXPN command are matched against these patterns
+  (1 line at a time) to fingerprint SMTP servers.
 
-See comment at the top of smtp_banners.xml for additional info.
+  See comment at the top of smtp_banners.xml for additional info.
 
-'preference' note: This value has been set so as to implement the ordering
-  of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
--->
-<fingerprints protocol="smtp" database_type="service" preference="0.16">
+  'preference' note: This value has been set so as to implement the ordering
+    of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
+  -->
   <fingerprint pattern="^500[ -]Syntax error, command &quot;XXXX.*&quot; unrecognized$">
     <description>
          Cisco PIX changes the command letters to 'X' before passing
          them to the real SMTP server.
       </description>
-    <param pos="0" name="service.vendor" value="Cisco"/>
-    <param pos="0" name="service.family" value="PIX"/>
-    <param pos="0" name="service.product" value="PIX"/>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.family" value="PIX"/>
+    <param pos="0" name="os.product" value="PIX"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:pix_firewall_software:-"/>
   </fingerprint>
   <fingerprint pattern="^550[ -]EXPN not available to \(.+\) \[.+\] *$">
     <description>
@@ -26,6 +27,7 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="exim"/>
     <param pos="0" name="service.family" value="exim"/>
     <param pos="0" name="service.product" value="exim"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:exim:exim:-"/>
   </fingerprint>
   <fingerprint pattern="^550[ -]EXPN not available to [^ ]+ \(.+\) \[.+\] *$">
     <description>
@@ -35,6 +37,7 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="exim"/>
     <param pos="0" name="service.family" value="exim"/>
     <param pos="0" name="service.product" value="exim"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:exim:exim:-"/>
   </fingerprint>
   <fingerprint pattern="^500[ -]Don't you wish! *$">
     <description>GNAT box SMTP</description>
@@ -56,6 +59,7 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="Ipswitch"/>
     <param pos="0" name="service.family" value="IMail Server"/>
     <param pos="0" name="service.product" value="IMail Server"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:imail_server:-"/>
   </fingerprint>
   <fingerprint pattern="^502[ -]command is not active$">
     <description>
@@ -64,11 +68,13 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="Alt-N"/>
     <param pos="0" name="service.family" value="MDaemon"/>
     <param pos="0" name="service.product" value="MDaemon"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:altn:mdaemon:-"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.device" value="General"/>
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.arch" value="x86"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
   <fingerprint pattern="^252 Unable to EXPN &quot;.*&quot;, but will accept message and attempt delivery *$">
     <description>

data/xml/smtp_help.xml

@@ -1,14 +1,14 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!--
-SMTP response lines to the HELP command are matched against these patterns
-(1 line at a time) to fingerprint SMTP servers.
+<fingerprints protocol="smtp" database_type="service" preference="0.18">
+  <!--
+  SMTP response lines to the HELP command are matched against these patterns
+  (1 line at a time) to fingerprint SMTP servers.
 
-See comment at the top of smtp_banners.xml for additional info.
+  See comment at the top of smtp_banners.xml for additional info.
 
-'preference' note: This value has been set so as to implement the ordering
-  of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
--->
-<fingerprints protocol="smtp" database_type="service" preference="0.18">
+  'preference' note: This value has been set so as to implement the ordering
+    of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
+  -->
   <fingerprint pattern="^214[ -]This is ArGoSoft Mail Server, Version [^ ]+ \(([^ ]+\.[^ ]+\.[^ ]+\.[^ ]+)\) *$">
     <description>
          ArgoSoft mail server HELP response
@@ -33,9 +33,10 @@ See comment at the top of smtp_banners.xml for additional info.
          Cisco PIX changes the command letters to 'X' before passing
          them to the real SMTP server.
       </description>
-    <param pos="0" name="service.vendor" value="Cisco"/>
-    <param pos="0" name="service.family" value="PIX"/>
-    <param pos="0" name="service.product" value="PIX"/>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.family" value="PIX"/>
+    <param pos="0" name="os.product" value="PIX"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:pix_firewall_software:-"/>
   </fingerprint>
   <fingerprint pattern="^500[ -]5.5.1 unrecognised command HELP$">
     <description>
@@ -48,6 +49,7 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="os.family" value="Mac OS"/>
     <param pos="0" name="os.device" value="General"/>
     <param pos="0" name="os.product" value="Mac OS"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os:-"/>
   </fingerprint>
   <fingerprint pattern="^214[ -]([^ ]+) is running the IBM VM operating system$">
     <description>IBM VM</description>
@@ -67,10 +69,12 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="Microsoft"/>
     <param pos="0" name="service.family" value="Exchange Server"/>
     <param pos="0" name="service.product" value="Exchange Server"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:microsoft:exchange_server:-"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.device" value="General"/>
     <param pos="0" name="os.product" value="Windows"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
   <fingerprint pattern="^214[ -]Help system currently inactive\.$">
     <description>
@@ -79,11 +83,13 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="Alt-N"/>
     <param pos="0" name="service.family" value="MDaemon"/>
     <param pos="0" name="service.product" value="MDaemon"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:altn:mdaemon:-"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.device" value="General"/>
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.arch" value="x86"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
   <fingerprint pattern="^214[ -].*This is MERAK ([^ ]+\.[^ ]+\.[^ ]+).*$">
     <description>

data/xml/smtp_mailfrom.xml

@@ -1,14 +1,15 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!--
-This file is currently unused.
--->
 <fingerprints protocol="smtp" database_type="service">
+  <!--
+  This file is currently unused.
+  -->
   <fingerprint pattern="250 .* is syntactically correct *">
     <description>exim</description>
     <example>250 &lt;nosuchuser@rapid7.com&gt; is syntactically correct</example>
     <param pos="0" name="service.vendor" value="exim"/>
     <param pos="0" name="service.family" value="exim"/>
     <param pos="0" name="service.product" value="exim"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:exim:exim:-"/>
   </fingerprint>
   <fingerprint pattern="501[ -]System error\. *">
     <description>GNAT Box SMTP</description>

data/xml/smtp_noop.xml

@@ -1,14 +1,15 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!--
-SMTP response lines to the NOOP command are matched against these patterns
-(1 line at a time) to fingerprint SMTP servers.
+<fingerprints protocol="smtp" database_type="service" preference="0.17">
+  <!--
+  SMTP response lines to the NOOP command are matched against these patterns
+  (1 line at a time) to fingerprint SMTP servers.
 
-See comment at the top of smtp_banners.xml for additional info.
+  See comment at the top of smtp_banners.xml for additional info.
 
-'preference' note: This value has been set so as to implement the ordering
-  of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
--->
-<fingerprints protocol="smtp" database_type="service" preference="0.17">
+  'preference' note: This value has been set so as to implement the ordering
+    of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
+
+  -->
   <fingerprint pattern="^220 OK.*$">
     <description>
          CheckPoint FireWall-1 returns code 220 for NOOP command (instead of 250)
@@ -16,6 +17,7 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="Check Point"/>
     <param pos="0" name="service.family" value="Check Point"/>
     <param pos="0" name="service.product" value="Firewall-1"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:checkpoint:firewall-1:-"/>
   </fingerprint>
   <fingerprint pattern="^250[ -]2.0.0 doing nothing$">
     <description>
@@ -28,6 +30,7 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="os.family" value="Mac OS"/>
     <param pos="0" name="os.device" value="General"/>
     <param pos="0" name="os.product" value="Mac OS"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os:-"/>
   </fingerprint>
   <fingerprint pattern="^250[ -]Why is there an NOOP instruction\?$">
     <description>
@@ -36,10 +39,12 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="Alt-N"/>
     <param pos="0" name="service.family" value="MDaemon"/>
     <param pos="0" name="service.product" value="MDaemon"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:altn:mdaemon:-"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.device" value="General"/>
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.arch" value="x86"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
 </fingerprints>

data/xml/smtp_quit.xml

@@ -1,14 +1,14 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!--
-SMTP response lines to the QUIT command are matched against these patterns
-(1 line at a time) to fingerprint SMTP servers.
+<fingerprints protocol="smtp" database_type="service" preference="0.11">
+  <!--
+  SMTP response lines to the QUIT command are matched against these patterns
+  (1 line at a time) to fingerprint SMTP servers.
 
-See comment at the top of smtp_banners.xml for additional info.
+  See comment at the top of smtp_banners.xml for additional info.
 
-'preference' note: This value has been set so as to implement the ordering
-  of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
--->
-<fingerprints protocol="smtp" database_type="service" preference="0.11">
+  'preference' note: This value has been set so as to implement the ordering
+    of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
+  -->
   <fingerprint pattern="^221[ -]See ya in cyberspace$">
     <description>
          221 See ya in cyberspace
@@ -16,11 +16,13 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="Alt-N"/>
     <param pos="0" name="service.family" value="MDaemon"/>
     <param pos="0" name="service.product" value="MDaemon"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:altn:mdaemon:-"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.device" value="General"/>
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.arch" value="x86"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
   <fingerprint pattern="^503[ -]5\.5\.0 Not accepting any command except QUIT$">
     <description>

data/xml/smtp_rcptto.xml

@@ -1,7 +1,4 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!--
-This file is currently unused.
--->
 <fingerprints protocol="smtp" database_type="service">
   <!--
    <fingerprint pattern="501[ -]Invalid domain *">
@@ -27,5 +24,6 @@ This file is currently unused.
     <param pos="0" name="service.vendor" value="Ipswitch"/>
     <param pos="0" name="service.family" value="IMail Server"/>
     <param pos="0" name="service.product" value="IMail Server"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:imail_server:-"/>
   </fingerprint>
 </fingerprints>

data/xml/smtp_rset.xml

@@ -1,14 +1,14 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!--
-SMTP response lines to the RSET command are matched against these patterns
-(1 line at a time) to fingerprint SMTP servers.
+<fingerprints protocol="smtp" database_type="service" preference="0.12">
+  <!--
+  SMTP response lines to the RSET command are matched against these patterns
+  (1 line at a time) to fingerprint SMTP servers.
 
-See comment at the top of smtp_banners.xml for additional info.
+  See comment at the top of smtp_banners.xml for additional info.
 
-'preference' note: This value has been set so as to implement the ordering
-  of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
--->
-<fingerprints protocol="smtp" database_type="service" preference="0.12">
+  'preference' note: This value has been set so as to implement the ordering
+    of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
+  -->
   <fingerprint pattern="^250[ -]RSET\?  Well, OK\.$">
     <description>
          500 What? I don't understand that.
@@ -16,10 +16,12 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="Alt-N"/>
     <param pos="0" name="service.family" value="MDaemon"/>
     <param pos="0" name="service.product" value="MDaemon"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:altn:mdaemon:-"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.device" value="General"/>
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.arch" value="x86"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
 </fingerprints>

data/xml/smtp_turn.xml

@@ -1,14 +1,14 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!--
-SMTP response lines to the TURN command are matched against these patterns
-(1 line at a time) to fingerprint SMTP servers.
+<fingerprints protocol="smtp" database_type="service" preference="0.13">
+  <!--
+  SMTP response lines to the TURN command are matched against these patterns
+  (1 line at a time) to fingerprint SMTP servers.
 
-See comment at the top of smtp_banners.xml for additional info.
+  See comment at the top of smtp_banners.xml for additional info.
 
-'preference' note: This value has been set so as to implement the ordering
-  of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
--->
-<fingerprints protocol="smtp" database_type="service" preference="0.13">
+  'preference' note: This value has been set so as to implement the ordering
+    of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
+  -->
   <fingerprint pattern="^502[ -]Hey!  I don't let remote systems TURN on me\.$">
     <description>
          502 Hey!  I don't let remote systems TURN on me.
@@ -16,10 +16,12 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="Alt-N"/>
     <param pos="0" name="service.family" value="MDaemon"/>
     <param pos="0" name="service.product" value="MDaemon"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:altn:mdaemon:-"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.device" value="General"/>
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.arch" value="x86"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
 </fingerprints>

data/xml/smtp_vrfy.xml

@@ -1,22 +1,23 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!--
-SMTP response lines to the VRFY command are matched against these patterns
-(1 line at a time) to fingerprint SMTP servers.
+<fingerprints protocol="smtp" database_type="service" preference="0.15">
+  <!--
+  SMTP response lines to the VRFY command are matched against these patterns
+  (1 line at a time) to fingerprint SMTP servers.
 
-See comment at the top of smtp_banners.xml for additional info.
+  See comment at the top of smtp_banners.xml for additional info.
 
-'preference' note: This value has been set so as to implement the ordering
-  of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
--->
-<fingerprints protocol="smtp" database_type="service" preference="0.15">
+  'preference' note: This value has been set so as to implement the ordering
+    of SMTP related fingerprint databases as described in 'smtp_banners.xml'.
+  -->
   <fingerprint pattern="^500[ -]Syntax error, command &quot;XXXX.*&quot; unrecognized$">
     <description>
          Cisco PIX changes the command letters to 'X' before passing
          them to the real SMTP server.
       </description>
-    <param pos="0" name="service.vendor" value="Cisco"/>
-    <param pos="0" name="service.family" value="PIX"/>
-    <param pos="0" name="service.product" value="PIX"/>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.family" value="PIX"/>
+    <param pos="0" name="os.product" value="PIX"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:pix_firewall_software:-"/>
   </fingerprint>
   <!-- XXX: Why is EXPN mentionned here ? Is this a mistake ? -->
   <fingerprint pattern="^550[ -]EXPN not available *$">
@@ -27,6 +28,7 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="exim"/>
     <param pos="0" name="service.family" value="exim"/>
     <param pos="0" name="service.product" value="exim"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:exim:exim:-"/>
   </fingerprint>
   <fingerprint pattern="^252[ -]VRFY not available *$">
     <description>
@@ -36,6 +38,7 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="exim"/>
     <param pos="0" name="service.family" value="exim"/>
     <param pos="0" name="service.product" value="exim"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:exim:exim:-"/>
   </fingerprint>
   <fingerprint pattern="^250[ -]&lt;.+&gt; is deliverable *$">
     <description>
@@ -45,6 +48,7 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="exim"/>
     <param pos="0" name="service.family" value="exim"/>
     <param pos="0" name="service.product" value="exim"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:exim:exim:-"/>
   </fingerprint>
   <fingerprint pattern="^550[ -]&lt;.+&gt; is not deliverable *$">
     <description>
@@ -54,6 +58,7 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="exim"/>
     <param pos="0" name="service.family" value="exim"/>
     <param pos="0" name="service.product" value="exim"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:exim:exim:-"/>
   </fingerprint>
   <fingerprint pattern="^502[ -]command is not active$">
     <description>
@@ -62,11 +67,13 @@ See comment at the top of smtp_banners.xml for additional info.
     <param pos="0" name="service.vendor" value="Alt-N"/>
     <param pos="0" name="service.family" value="MDaemon"/>
     <param pos="0" name="service.product" value="MDaemon"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:altn:mdaemon:-"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.device" value="General"/>
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.arch" value="x86"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
   <fingerprint pattern="^557[ -]5\.5\.2 String does not match anything\. *$">
     <description>