recog 2.3.11 → 2.3.12
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/cpe-remap.yaml +16 -1
- data/identifiers/hw_family.txt +1 -1
- data/identifiers/hw_product.txt +1 -1
- data/identifiers/service_product.txt +1 -1
- data/lib/recog/version.rb +1 -1
- data/xml/dns_versionbind.xml +9 -3
- data/xml/ftp_banners.xml +51 -4
- data/xml/http_servers.xml +51 -5
- data/xml/imap_banners.xml +4 -0
- data/xml/pop_banners.xml +2 -0
- data/xml/smtp_banners.xml +84 -2
- data/xml/ssh_banners.xml +6 -2
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 477c1b984da6788f9acbe0f8868fe07b500c0a6c9b94691a23535befba43b912
|
4
|
+
data.tar.gz: a23f96a8ae8212ba1521455ccbfbe60f355706eb04fbe309768cd538a5ff90a6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b758ee85f8fb433fb2d0ef8ad07e627bb941ad86d5d3f07ebb768ecda8c8a00521e37c0dff81e5e2c3b7065584b7d4bef283fb6ceea0da45c952e57301879d2c
|
7
|
+
data.tar.gz: d07e8d168442426db1cee39ecaf6d2f7c337b20bf41799115354099185daa2e4696c58df2fddba9d025f05386fd426ce4c15bbc06eea04e47dff01642a86cd95
|
data/cpe-remap.yaml
CHANGED
@@ -16,6 +16,10 @@ mappings:
|
|
16
16
|
weblogic: weblogic_server
|
17
17
|
blue_coat:
|
18
18
|
vendor: bluecoat
|
19
|
+
carnegie_mellon_university:
|
20
|
+
vendor: cmu
|
21
|
+
products:
|
22
|
+
cyrus_imap: cyrus_imap_server
|
19
23
|
centos:
|
20
24
|
vendor: centos
|
21
25
|
products:
|
@@ -32,6 +36,9 @@ mappings:
|
|
32
36
|
vendor: debian
|
33
37
|
products:
|
34
38
|
linux: debian_linux
|
39
|
+
embedthis:
|
40
|
+
products:
|
41
|
+
goahead_webserver: goahead
|
35
42
|
f5:
|
36
43
|
vendor: f5
|
37
44
|
products:
|
@@ -41,12 +48,12 @@ mappings:
|
|
41
48
|
vendor: hp
|
42
49
|
products:
|
43
50
|
ilo: integrated_lights_out
|
44
|
-
lotus_domino: lotus_domino_server
|
45
51
|
tru64_unix: tru64
|
46
52
|
ibm:
|
47
53
|
vendor: ibm
|
48
54
|
products:
|
49
55
|
lotus_domino: lotus_domino_server
|
56
|
+
ibm_domino: lotus_domino
|
50
57
|
os/400: os_400
|
51
58
|
jamf:
|
52
59
|
products:
|
@@ -57,6 +64,10 @@ mappings:
|
|
57
64
|
junos_os: junos
|
58
65
|
kibana:
|
59
66
|
vendor: elasticsearch
|
67
|
+
cz.nic:
|
68
|
+
vendor: knot-dns
|
69
|
+
litespeed_technologies:
|
70
|
+
vendor: litespeedtech
|
60
71
|
linux:
|
61
72
|
vendor: linux
|
62
73
|
products:
|
@@ -94,6 +105,10 @@ mappings:
|
|
94
105
|
vendor: modwsgi
|
95
106
|
mort_bay:
|
96
107
|
vendor: mortbay
|
108
|
+
nlnet_labs:
|
109
|
+
vendor: nlnetlabs
|
110
|
+
products:
|
111
|
+
dnsd: name_server_daemon
|
97
112
|
net-snmp:
|
98
113
|
vendor: net-snmp
|
99
114
|
products:
|
data/identifiers/hw_family.txt
CHANGED
data/identifiers/hw_product.txt
CHANGED
@@ -421,6 +421,7 @@ Symantec Endpoint Protection Manager
|
|
421
421
|
Symantec Mail Security for SMTP
|
422
422
|
Symantec Messaging Gateway
|
423
423
|
TBS FTP Server
|
424
|
+
TCP/IP
|
424
425
|
TCPIP POP server
|
425
426
|
TUX Web Server
|
426
427
|
TeamCity
|
@@ -554,4 +555,3 @@ vsFTPd
|
|
554
555
|
vsFTPd Extended
|
555
556
|
z/OS FTP Server
|
556
557
|
zFTPServer
|
557
|
-
TCP/IP
|
data/lib/recog/version.rb
CHANGED
data/xml/dns_versionbind.xml
CHANGED
@@ -516,6 +516,7 @@
|
|
516
516
|
<param pos="0" name="service.family" value="NSD"/>
|
517
517
|
<param pos="0" name="service.product" value="dnsd"/>
|
518
518
|
<param pos="1" name="service.version"/>
|
519
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:nlnetlabs:name_server_daemon:{service.version}"/>
|
519
520
|
</fingerprint>
|
520
521
|
|
521
522
|
<fingerprint pattern="^unbound ([\d.]+)$">
|
@@ -525,6 +526,7 @@
|
|
525
526
|
<param pos="0" name="service.family" value="Unbound"/>
|
526
527
|
<param pos="0" name="service.product" value="unbound"/>
|
527
528
|
<param pos="1" name="service.version"/>
|
529
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:nlnetlabs:unbound:{service.version}"/>
|
528
530
|
</fingerprint>
|
529
531
|
|
530
532
|
<fingerprint pattern="^(?i:unbound)$">
|
@@ -533,6 +535,7 @@
|
|
533
535
|
<param pos="0" name="service.vendor" value="NLnet Labs"/>
|
534
536
|
<param pos="0" name="service.family" value="Unbound"/>
|
535
537
|
<param pos="0" name="service.product" value="unbound"/>
|
538
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:nlnetlabs:unbound:-"/>
|
536
539
|
</fingerprint>
|
537
540
|
|
538
541
|
<fingerprint pattern="^(?:BIND )?(9.[^-]+(?:-[SP]\d)?)(?:-[\d\.]+)?\+deb10u\d+-Raspbian$">
|
@@ -583,8 +586,9 @@
|
|
583
586
|
<example service.version="2.5.0-dev">Knot DNS 2.5.0-dev</example>
|
584
587
|
<param pos="0" name="service.vendor" value="cz.nic"/>
|
585
588
|
<param pos="0" name="service.family" value="Knot"/>
|
586
|
-
<param pos="0" name="service.product" value="DNS"/>
|
589
|
+
<param pos="0" name="service.product" value="Knot DNS"/>
|
587
590
|
<param pos="1" name="service.version"/>
|
591
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:knot-dns:knot_dns:{service.version}"/>
|
588
592
|
</fingerprint>
|
589
593
|
|
590
594
|
<fingerprint pattern="^UltraDNS Resolver$">
|
@@ -754,7 +758,8 @@
|
|
754
758
|
<example>DNSServer</example>
|
755
759
|
<param pos="0" name="service.vendor" value="Synology"/>
|
756
760
|
<param pos="0" name="service.family" value="DSM"/>
|
757
|
-
<param pos="0" name="service.product" value="DNS"/>
|
761
|
+
<param pos="0" name="service.product" value="DNS Server"/>
|
762
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:synology:dns_server:-"/>
|
758
763
|
<param pos="0" name="os.device" value="NAS"/>
|
759
764
|
<param pos="0" name="os.family" value="Linux"/>
|
760
765
|
<param pos="0" name="os.product" value="DSM"/>
|
@@ -855,9 +860,10 @@
|
|
855
860
|
<fingerprint pattern="^gdnsd$">
|
856
861
|
<description>gdnsd</description>
|
857
862
|
<example>gdnsd</example>
|
858
|
-
<param pos="0" name="service.vendor" value="
|
863
|
+
<param pos="0" name="service.vendor" value="gdnsd"/>
|
859
864
|
<param pos="0" name="service.family" value="gdnsd"/>
|
860
865
|
<param pos="0" name="service.product" value="gdnsd"/>
|
866
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:gdnsd:gdnsd:-"/>
|
861
867
|
</fingerprint>
|
862
868
|
|
863
869
|
<fingerprint pattern="^Hi: [\w\.: =]+\d{4}$">
|
data/xml/ftp_banners.xml
CHANGED
@@ -360,6 +360,7 @@ example.com FTP server (Version: Mac OS X Server) ready.
|
|
360
360
|
<example service.version="1.0.11">=(<*>)=-.:. (( Welcome to Pure-FTPd 1.0.11 )) .:.-=(<*>)=-</example>
|
361
361
|
<example service.version="1.0.11">=(<*>)=-.:. (( Welcome to Pure-FTPd 1.0.11 )) .:.-=(<*>)=-
|
362
362
|
more stuff</example>
|
363
|
+
<param pos="0" name="service.fvendor" value="PureFTPd"/>
|
363
364
|
<param pos="0" name="service.family" value="Pure-FTPd"/>
|
364
365
|
<param pos="0" name="service.product" value="Pure-FTPd"/>
|
365
366
|
<param pos="1" name="service.version"/>
|
@@ -374,16 +375,20 @@ more stuff
|
|
374
375
|
<example>--------- Welcome to Pure-FTPd [privsep] [TLS] ----------
|
375
376
|
more text</example>
|
376
377
|
<param pos="1" name="pureftpd.config"/>
|
378
|
+
<param pos="0" name="service.vendor" value="PureFTPd"/>
|
377
379
|
<param pos="0" name="service.family" value="Pure-FTPd"/>
|
378
380
|
<param pos="0" name="service.product" value="Pure-FTPd"/>
|
381
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:pureftpd:pure-ftpd:-"/>
|
379
382
|
</fingerprint>
|
380
383
|
|
381
384
|
<fingerprint pattern="^(?:Welcome to )?Pure-FTPd\.?$">
|
382
385
|
<description>Basic Pure-FTPd banner, no version</description>
|
383
386
|
<example>Welcome to Pure-FTPd</example>
|
384
387
|
<example>Pure-FTPd.</example>
|
388
|
+
<param pos="0" name="service.vendor" value="PureFTPd"/>
|
385
389
|
<param pos="0" name="service.family" value="Pure-FTPd"/>
|
386
390
|
<param pos="0" name="service.product" value="Pure-FTPd"/>
|
391
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:pureftpd:pure-ftpd:-"/>
|
387
392
|
</fingerprint>
|
388
393
|
|
389
394
|
<fingerprint pattern="^=\(.\*.\)=-\.:\. \(\( Welcome to PureFTPd (\d+\..+) \)\) \.:\.-=\(.\*.\)=-" flags="REG_MULTILINE">
|
@@ -391,26 +396,56 @@ more text
|
|
391
396
|
<example service.version="1.1.0">=(<*>)=-.:. (( Welcome to PureFTPd 1.1.0 )) .:.-=(<*>)=-</example>
|
392
397
|
<example service.version="1.1.0">=(<*>)=-.:. (( Welcome to PureFTPd 1.1.0 )) .:.-=(<*>)=-
|
393
398
|
more text</example>
|
399
|
+
<param pos="0" name="service.vendor" value="PureFTPd"/>
|
394
400
|
<param pos="0" name="service.family" value="Pure-FTPd"/>
|
395
401
|
<param pos="0" name="service.product" value="Pure-FTPd"/>
|
396
402
|
<param pos="1" name="service.version"/>
|
403
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:pureftpd:pure-ftpd:{service.version}"/>
|
397
404
|
</fingerprint>
|
398
405
|
|
399
|
-
|
400
|
-
|
406
|
+
<!-- CPEs for Serv-U 15.x and above changed to SolarWinds -->
|
407
|
+
|
408
|
+
<fingerprint pattern="^Serv-U FTP Server v(15\.\S+) ready\.\.\.$">
|
409
|
+
<description>SolarWinds Serv-U with version </description>
|
410
|
+
<example service.version="15.1.3.25">Serv-U FTP Server v15.1.3.25 ready...</example>
|
411
|
+
<param pos="0" name="service.vendor" value="SolarWinds"/>
|
412
|
+
<param pos="0" name="service.product" value="Serv-U FTP Server"/>
|
413
|
+
<param pos="0" name="service.family" value="Serv-U"/>
|
414
|
+
<param pos="1" name="service.version"/>
|
415
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:solarwinds:serv-u_ftp_server:{service.version}"/>
|
416
|
+
</fingerprint>
|
417
|
+
|
418
|
+
<fingerprint pattern="^Serv-U FTP[ -]Server v(\d+\.\S+) for WinSock ready\.*$">
|
419
|
+
<description>Serv-U Serv-U with version on Windows</description>
|
401
420
|
<example service.version="2.5n">Serv-U FTP-Server v2.5n for WinSock ready...</example>
|
402
421
|
<example service.version="6.0">Serv-U FTP Server v6.0 for WinSock ready</example>
|
403
|
-
<
|
404
|
-
<param pos="0" name="service.vendor" value="Rhino Software"/>
|
422
|
+
<param pos="0" name="service.vendor" value="Serv-U"/>
|
405
423
|
<param pos="0" name="service.product" value="Serv-U"/>
|
406
424
|
<param pos="0" name="service.family" value="Serv-U"/>
|
407
425
|
<param pos="1" name="service.version"/>
|
426
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:serv-u:serv-u:{service.version}"/>
|
408
427
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
409
428
|
<param pos="0" name="os.family" value="Windows"/>
|
410
429
|
<param pos="0" name="os.product" value="Windows"/>
|
411
430
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
412
431
|
</fingerprint>
|
413
432
|
|
433
|
+
<fingerprint pattern="^Serv-U FTP[ -]Server v(\d+\.\S+) ready\.*$">
|
434
|
+
<description>Serv-U Serv-U with version </description>
|
435
|
+
<example service.version="7.2">Serv-U FTP Server v7.2 ready...</example>
|
436
|
+
<example service.version="14.0">Serv-U FTP Server v14.0 ready...</example>
|
437
|
+
<param pos="0" name="service.vendor" value="Serv-U"/>
|
438
|
+
<param pos="0" name="service.product" value="Serv-U"/>
|
439
|
+
<param pos="0" name="service.family" value="Serv-U"/>
|
440
|
+
<param pos="1" name="service.version"/>
|
441
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:serv-u:serv-u:{service.version}"/>
|
442
|
+
</fingerprint>
|
443
|
+
|
444
|
+
<fingerprint pattern="^Welcom to Serv-U FTP Server$">
|
445
|
+
<description>Common FTP banner modification to look like Serv-U -- assert nothing.</description>
|
446
|
+
<example>Welcom to Serv-U FTP Server</example>
|
447
|
+
</fingerprint>
|
448
|
+
|
414
449
|
<fingerprint pattern="^zFTPServer v?(\S+), .*ready\.$" flags="REG_ICASE">
|
415
450
|
<description>zftpserver (only runs on Windows)</description>
|
416
451
|
<example service.version="4.0">zFTPServer v4.0, build 2008-12-24 01:41 ready.</example>
|
@@ -427,23 +462,28 @@ more text
|
|
427
462
|
<description>vsFTPd (Very Secure FTP Daemon)</description>
|
428
463
|
<example service.version="1.1.3">(vsFTPd 1.1.3) host</example>
|
429
464
|
<example service.version="2.0.5">(vsFTPd 2.0.5)</example>
|
465
|
+
<param pos="0" name="service.vendor" value="vsFTPd Project"/>
|
430
466
|
<param pos="0" name="service.family" value="vsFTPd"/>
|
431
467
|
<param pos="0" name="service.product" value="vsFTPd"/>
|
432
468
|
<param pos="1" name="service.version"/>
|
469
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:vsftpd_project:vsftpd:{service.version}"/>
|
433
470
|
<param pos="2" name="host.name"/>
|
434
471
|
</fingerprint>
|
435
472
|
|
436
473
|
<fingerprint pattern="^ready, dude \(vsFTPd (\d+\..+): beat me, break me\)$">
|
437
474
|
<description>vsFTPd (Very Secure FTP Daemon) - break me variant</description>
|
438
475
|
<example service.version="1.1.0">ready, dude (vsFTPd 1.1.0: beat me, break me)</example>
|
476
|
+
<param pos="0" name="service.vendor" value="vsFTPd Project"/>
|
439
477
|
<param pos="0" name="service.family" value="vsFTPd"/>
|
440
478
|
<param pos="0" name="service.product" value="vsFTPd"/>
|
441
479
|
<param pos="1" name="service.version"/>
|
480
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:vsftpd_project:vsftpd:{service.version}"/>
|
442
481
|
</fingerprint>
|
443
482
|
|
444
483
|
<fingerprint pattern="^vsFTPd ([\d.]+\+ \(ext\.3\)) ready\.\.\.$">
|
445
484
|
<description>vsFTPd (Very Secure FTP Daemon) extended build (vsftpd.devnet.ru)</description>
|
446
485
|
<example service.version="2.0.4+ (ext.3)">vsFTPd 2.0.4+ (ext.3) ready...</example>
|
486
|
+
<param pos="0" name="service.vendor" value="vsFTPd Project"/>
|
447
487
|
<param pos="0" name="service.family" value="vsFTPd"/>
|
448
488
|
<param pos="0" name="service.product" value="vsFTPd Extended"/>
|
449
489
|
<param pos="1" name="service.version"/>
|
@@ -453,8 +493,10 @@ more text
|
|
453
493
|
<description>vsFTPd (Very Secure FTP Daemon) error message</description>
|
454
494
|
<example>OOPS: vsftpd: root is not mounted.</example>
|
455
495
|
<example>OOPS: cannot read user list file:/etc/vsftpd.user_list</example>
|
496
|
+
<param pos="0" name="service.vendor" value="vsFTPd Project"/>
|
456
497
|
<param pos="0" name="service.family" value="vsFTPd"/>
|
457
498
|
<param pos="0" name="service.product" value="vsFTPd"/>
|
499
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:vsftpd_project:vsftpd:-"/>
|
458
500
|
</fingerprint>
|
459
501
|
|
460
502
|
<fingerprint pattern="^FileZilla Server(?: version)? (?:v)?(\d\.[\w.]+(?: beta)?).*$">
|
@@ -463,9 +505,14 @@ more text
|
|
463
505
|
<example service.version="0.9.13a beta">FileZilla Server version 0.9.13a beta</example>
|
464
506
|
<example service.version="0.9.54 beta">FileZilla Server 0.9.54 beta</example>
|
465
507
|
<example service.version="0.9.33 beta">FileZilla Server v0.9.33 beta</example>
|
508
|
+
<param pos="0" name="service.vendor" value="Filezilla-Project"/>
|
466
509
|
<param pos="0" name="service.family" value="FileZilla FTP Server"/>
|
467
510
|
<param pos="0" name="service.product" value="FileZilla FTP Server"/>
|
468
511
|
<param pos="1" name="service.version"/>
|
512
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
513
|
+
<param pos="0" name="os.family" value="Windows"/>
|
514
|
+
<param pos="0" name="os.product" value="Windows"/>
|
515
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
469
516
|
</fingerprint>
|
470
517
|
|
471
518
|
<fingerprint pattern="^\s*APC FTP server ready\.$">
|
data/xml/http_servers.xml
CHANGED
@@ -793,6 +793,7 @@
|
|
793
793
|
<param pos="0" name="service.vendor" value="LiteSpeed Technologies"/>
|
794
794
|
<param pos="0" name="service.product" value="LiteSpeed Web Server"/>
|
795
795
|
<param pos="1" name="service.version"/>
|
796
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:litespeedtech:litespeed_web_server:{service.version}"/>
|
796
797
|
</fingerprint>
|
797
798
|
|
798
799
|
<fingerprint pattern="^IdeaWebServer\/v?([\d.]+)$">
|
@@ -828,8 +829,9 @@
|
|
828
829
|
<example service.version="15.1.6.31">Serv-U/15.1.6.31</example>
|
829
830
|
<param pos="0" name="service.vendor" value="SolarWinds"/>
|
830
831
|
<param pos="0" name="service.family" value="Serv-U"/>
|
831
|
-
<param pos="0" name="service.product" value="FTP Server"/>
|
832
|
+
<param pos="0" name="service.product" value="Serv-U FTP Server"/>
|
832
833
|
<param pos="1" name="service.version"/>
|
834
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:solarwinds:serv-u_ftp_server:{service.version}"/>
|
833
835
|
</fingerprint>
|
834
836
|
|
835
837
|
<fingerprint pattern="^Wing FTP Server/([\d.]+)\([^)]*\)$">
|
@@ -1151,18 +1153,29 @@
|
|
1151
1153
|
<fingerprint pattern="^Sun GlassFish Enterprise Server v(\S+)$">
|
1152
1154
|
<description>Glassfish with version information</description>
|
1153
1155
|
<example service.version="2.1">Sun GlassFish Enterprise Server v2.1</example>
|
1154
|
-
<param pos="0" name="service.vendor" value="
|
1156
|
+
<param pos="0" name="service.vendor" value="Oracle"/>
|
1155
1157
|
<param pos="0" name="service.product" value="GlassFish Server"/>
|
1156
1158
|
<param pos="1" name="service.version"/>
|
1159
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:oracle:glassfish_server:{service.version}"/>
|
1157
1160
|
</fingerprint>
|
1158
1161
|
|
1159
1162
|
<fingerprint pattern="^GlassFish Server Open Source Edition\s+(\S+)$">
|
1160
1163
|
<description>Glassfish Open Source Edition with version information</description>
|
1161
1164
|
<example service.version="4.1.2">GlassFish Server Open Source Edition 4.1.2</example>
|
1162
1165
|
<example service.version="3.1.2.2">GlassFish Server Open Source Edition 3.1.2.2</example>
|
1163
|
-
<param pos="0" name="service.vendor" value="
|
1166
|
+
<param pos="0" name="service.vendor" value="Oracle"/>
|
1167
|
+
<param pos="0" name="service.product" value="GlassFish Server"/>
|
1168
|
+
<param pos="1" name="service.version"/>
|
1169
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:oracle:glassfish_server:{service.version}"/>
|
1170
|
+
</fingerprint>
|
1171
|
+
|
1172
|
+
<fingerprint pattern="^Oracle GlassFish Server ([\d.]+)$">
|
1173
|
+
<description>Oracle GlassFish Server</description>
|
1174
|
+
<example service.version="3.1.2.14">Oracle GlassFish Server 3.1.2.14</example>
|
1175
|
+
<param pos="0" name="service.vendor" value="Oracle"/>
|
1164
1176
|
<param pos="0" name="service.product" value="GlassFish Server"/>
|
1165
1177
|
<param pos="1" name="service.version"/>
|
1178
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:oracle:glassfish_server:{service.version}"/>
|
1166
1179
|
</fingerprint>
|
1167
1180
|
|
1168
1181
|
<fingerprint pattern="^GlassFish$">
|
@@ -1343,9 +1356,11 @@
|
|
1343
1356
|
<fingerprint pattern="^thttpd/(\d\.[\w.]+)-MX\s*.*$">
|
1344
1357
|
<description>thttpd with SSL support</description>
|
1345
1358
|
<example>thttpd/2.19-MX Jan 24 2006</example>
|
1359
|
+
<param pos="0" name="service.vendor" value="ACME"/>
|
1346
1360
|
<param pos="0" name="service.product" value="thttpd"/>
|
1347
1361
|
<param pos="0" name="service.family" value="thttpd"/>
|
1348
1362
|
<param pos="1" name="service.version"/>
|
1363
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:acme:thttpd:{service.version}"/>
|
1349
1364
|
<param pos="0" name="thttpd.mx-patch" value="enabled"/>
|
1350
1365
|
</fingerprint>
|
1351
1366
|
|
@@ -1367,9 +1382,11 @@
|
|
1367
1382
|
<example>Lighttpd</example>
|
1368
1383
|
<example service.version="1.4.16">lighttpd/1.4.16</example>
|
1369
1384
|
<example>lighttpd/1.3.7 (Mar 23 2007/16:00:15)</example>
|
1385
|
+
<param pos="0" name="service.vendor" value="lighttpd"/>
|
1370
1386
|
<param pos="0" name="service.product" value="lighttpd"/>
|
1371
1387
|
<param pos="0" name="service.family" value="lighttpd"/>
|
1372
1388
|
<param pos="1" name="service.version"/>
|
1389
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:lighttpd:lighttpd:{service.version}"/>
|
1373
1390
|
</fingerprint>
|
1374
1391
|
|
1375
1392
|
<fingerprint pattern="^nginx$">
|
@@ -1596,6 +1613,18 @@
|
|
1596
1613
|
<param pos="0" name="service.component.cpe23" value="cpe:/a:sap:netweaver_application_server:-"/>
|
1597
1614
|
</fingerprint>
|
1598
1615
|
|
1616
|
+
<fingerprint pattern="^SAP J2EE Engine$">
|
1617
|
+
<description>SAP NetWeaver Application Server Java - without version</description>
|
1618
|
+
<example>SAP J2EE Engine</example>
|
1619
|
+
<param pos="0" name="service.vendor" value="SAP"/>
|
1620
|
+
<param pos="0" name="service.product" value="NetWeaver Application Server Java"/>
|
1621
|
+
<param pos="0" name="service.family" value="NetWeaver"/>
|
1622
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sap:netweaver_application_server_java:-"/>
|
1623
|
+
<param pos="0" name="service.component.vendor" value="SAP"/>
|
1624
|
+
<param pos="0" name="service.component.product" value="NetWeaver Application Server"/>
|
1625
|
+
<param pos="0" name="service.component.cpe23" value="cpe:/a:sap:netweaver_application_server:-"/>
|
1626
|
+
</fingerprint>
|
1627
|
+
|
1599
1628
|
<fingerprint pattern="^SAP NetWeaver Application Server$">
|
1600
1629
|
<description>SAP NetWeaver Application Server without version</description>
|
1601
1630
|
<example>SAP NetWeaver Application Server</example>
|
@@ -2325,9 +2354,10 @@
|
|
2325
2354
|
<fingerprint pattern="^GoAhead-(?:Webs|http)$">
|
2326
2355
|
<description>GoAhead-Webs - no version</description>
|
2327
2356
|
<example>GoAhead-Webs</example>
|
2328
|
-
<param pos="0" name="service.vendor" value="
|
2357
|
+
<param pos="0" name="service.vendor" value="EmbedThis"/>
|
2329
2358
|
<param pos="0" name="service.product" value="GoAhead Webserver"/>
|
2330
2359
|
<param pos="0" name="service.family" value="GoAhead Webserver"/>
|
2360
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:embedthis:goahead:-"/>
|
2331
2361
|
</fingerprint>
|
2332
2362
|
|
2333
2363
|
<fingerprint pattern="(?i)^GoAhead(?:-Webs|-http)?\/([\d.]+)(?: PeerSec-MatrixSSL\/[\d.]+-OPEN)?$">
|
@@ -2430,10 +2460,11 @@
|
|
2430
2460
|
<description>A small HTTP server</description>
|
2431
2461
|
<example>mini_httpd/1.14 23jun2000</example>
|
2432
2462
|
<example>mini_httpd/1 23jun2000</example>
|
2433
|
-
<param pos="0" name="service.vendor" value="ACME
|
2463
|
+
<param pos="0" name="service.vendor" value="ACME"/>
|
2434
2464
|
<param pos="0" name="service.product" value="mini_httpd"/>
|
2435
2465
|
<param pos="0" name="service.family" value="mini_httpd"/>
|
2436
2466
|
<param pos="1" name="service.version"/>
|
2467
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:acme:mini_httpd:{service.version}"/>
|
2437
2468
|
</fingerprint>
|
2438
2469
|
|
2439
2470
|
<fingerprint pattern="^thin ((?:\d+\.)*\d+) codename .+$">
|
@@ -2594,8 +2625,10 @@
|
|
2594
2625
|
<example service.version="0.93.15">Boa/0.93.15 (with Intersil Extensions)</example>
|
2595
2626
|
<example service.version="0.92p">Boa/0.92p OS-9 Version</example>
|
2596
2627
|
<example service.version="0.93.15">Boa/0.93.15</example>
|
2628
|
+
<param pos="0" name="service.vendor" value="Boa"/>
|
2597
2629
|
<param pos="0" name="service.product" value="Boa"/>
|
2598
2630
|
<param pos="1" name="service.version"/>
|
2631
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:boa:boa:{service.version}"/>
|
2599
2632
|
</fingerprint>
|
2600
2633
|
|
2601
2634
|
<!-- HiSilicon is OEMd by a number of DVR manufacturers -->
|
@@ -2755,8 +2788,10 @@
|
|
2755
2788
|
<fingerprint pattern="^gSOAP/([\d\.]+)$">
|
2756
2789
|
<description>gSOAP</description>
|
2757
2790
|
<example service.version="2.7">gSOAP/2.7</example>
|
2791
|
+
<param pos="0" name="service.vendor" value="Genivia"/>
|
2758
2792
|
<param pos="0" name="service.product" value="gSOAP"/>
|
2759
2793
|
<param pos="1" name="service.version"/>
|
2794
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:genivia:gsoap:{service.version}"/>
|
2760
2795
|
</fingerprint>
|
2761
2796
|
|
2762
2797
|
<!-- Apple QuickTime streaming server -->
|
@@ -3870,4 +3905,15 @@
|
|
3870
3905
|
<param pos="0" name="hw.device" value="Broadband router"/>
|
3871
3906
|
</fingerprint>
|
3872
3907
|
|
3908
|
+
<fingerprint pattern="^IX Series IX21\d\d \(magellan-sec\) Software, Version ([^, ]+), (?:MAINTENANCE )?RELEASE SOFTWARE$">
|
3909
|
+
<description>NEC Univerge Router - enterprise class with VPN, UTM, etc</description>
|
3910
|
+
<example>IX Series IX2106 (magellan-sec) Software, Version 10.2.20, RELEASE SOFTWARE</example>
|
3911
|
+
<example>IX Series IX2105 (magellan-sec) Software, Version 9.6.12A, MAINTENANCE RELEASE SOFTWARE</example>
|
3912
|
+
<param pos="0" name="hw.vendor" value="NEC"/>
|
3913
|
+
<param pos="0" name="hw.product" value="Univerge"/>
|
3914
|
+
<param pos="1" name="hw.version"/>
|
3915
|
+
<param pos="0" name="hw.device" value="Router"/>
|
3916
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:nec:univerge:{hw.version}"/>
|
3917
|
+
</fingerprint>
|
3918
|
+
|
3873
3919
|
</fingerprints>
|
data/xml/imap_banners.xml
CHANGED
@@ -113,8 +113,10 @@
|
|
113
113
|
<description>Dovecot Secure IMAP Server</description>
|
114
114
|
<example>Dovecot ready.</example>
|
115
115
|
<example>Dovecot DA ready.</example>
|
116
|
+
<param pos="0" name="service.vendor" value="Dovecot"/>
|
116
117
|
<param pos="0" name="service.family" value="Dovecot"/>
|
117
118
|
<param pos="0" name="service.product" value="Dovecot"/>
|
119
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:dovecot:dovecot:-"/>
|
118
120
|
</fingerprint>
|
119
121
|
|
120
122
|
<fingerprint pattern="^Courier-IMAP ready. Copyright \d+-\d+">
|
@@ -163,6 +165,7 @@
|
|
163
165
|
<param pos="0" name="service.family" value="Cyrus MTA"/>
|
164
166
|
<param pos="0" name="service.product" value="Cyrus IMAP"/>
|
165
167
|
<param pos="2" name="service.version"/>
|
168
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:cmu:cyrus_imap_server:{service.version}"/>
|
166
169
|
<param pos="0" name="os.vendor" value="Apple"/>
|
167
170
|
<param pos="0" name="os.family" value="Mac OS X"/>
|
168
171
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
@@ -179,6 +182,7 @@
|
|
179
182
|
<param pos="0" name="service.family" value="Cyrus MTA"/>
|
180
183
|
<param pos="0" name="service.product" value="Cyrus IMAP"/>
|
181
184
|
<param pos="2" name="service.version"/>
|
185
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:cmu:cyrus_imap_server:{service.version}"/>
|
182
186
|
<param pos="1" name="host.name"/>
|
183
187
|
</fingerprint>
|
184
188
|
|
data/xml/pop_banners.xml
CHANGED
@@ -180,8 +180,10 @@
|
|
180
180
|
|
181
181
|
<fingerprint pattern="^[dD]ovecot (?:DA )?ready\.(?: <.+@(.+)>)?$">
|
182
182
|
<description>Dovecot Secure POP Server</description>
|
183
|
+
<param pos="0" name="service.vendor" value="Dovecot"/>
|
183
184
|
<param pos="0" name="service.family" value="Dovecot"/>
|
184
185
|
<param pos="0" name="service.product" value="Dovecot"/>
|
186
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:dovecot:dovecot:-"/>
|
185
187
|
<param pos="1" name="host.name"/>
|
186
188
|
</fingerprint>
|
187
189
|
|
data/xml/smtp_banners.xml
CHANGED
@@ -861,6 +861,7 @@
|
|
861
861
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
862
862
|
<param pos="1" name="host.name"/>
|
863
863
|
<param pos="2" name="service.version"/>
|
864
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:ibm:lotus_domino:{service.version}"/>
|
864
865
|
<param pos="3" name="system.time"/>
|
865
866
|
</fingerprint>
|
866
867
|
|
@@ -940,11 +941,13 @@
|
|
940
941
|
|
941
942
|
<fingerprint pattern="^([^ ]+) Postfix \(Postfix-([^ ]+)-([^ ]+)\) \(([^ ]+)\) *$">
|
942
943
|
<description>Postfix - version + build, followed by os</description>
|
944
|
+
<param pos="0" name="service.vendor" value="Postfix"/>
|
943
945
|
<param pos="0" name="service.family" value="Postfix"/>
|
944
946
|
<param pos="0" name="service.product" value="Postfix"/>
|
945
947
|
<param pos="1" name="host.name"/>
|
946
948
|
<param pos="2" name="service.version"/>
|
947
949
|
<param pos="3" name="service.version.version"/>
|
950
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:{service.version}"/>
|
948
951
|
<param pos="4" name="postfix.os.info"/>
|
949
952
|
</fingerprint>
|
950
953
|
|
@@ -952,27 +955,33 @@
|
|
952
955
|
<description>Postfix - Std semantic versioning, w/ optional parens</description>
|
953
956
|
<example service.version="3.1.4">foo.bar ESMTP Postfix (3.1.4)</example>
|
954
957
|
<example service.version="2.7.1">foo.bar ESMTP Postfix 2.7.1</example>
|
958
|
+
<param pos="0" name="service.vendor" value="Postfix"/>
|
955
959
|
<param pos="0" name="service.family" value="Postfix"/>
|
956
960
|
<param pos="0" name="service.product" value="Postfix"/>
|
957
961
|
<param pos="1" name="host.name"/>
|
958
962
|
<param pos="2" name="service.version"/>
|
963
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:{service.version}"/>
|
959
964
|
</fingerprint>
|
960
965
|
|
961
966
|
<fingerprint pattern="^([^ ]+) ESMTP Postfix \((?:Postfix-)?([\d.]+)-([^ ]+)\)$">
|
962
967
|
<description>Postfix - version + build</description>
|
963
968
|
<example service.version="2.8" service.version.version="20100306">foo.bar ESMTP Postfix (2.8-20100306)</example>
|
969
|
+
<param pos="0" name="service.vendor" value="Postfix"/>
|
964
970
|
<param pos="0" name="service.family" value="Postfix"/>
|
965
971
|
<param pos="0" name="service.product" value="Postfix"/>
|
966
972
|
<param pos="1" name="host.name"/>
|
967
973
|
<param pos="2" name="service.version"/>
|
968
974
|
<param pos="3" name="service.version.version"/>
|
975
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:{service.version}"/>
|
969
976
|
</fingerprint>
|
970
977
|
|
971
978
|
<fingerprint pattern="^([^ ]+) +E?SMTP Postfix \(Ubuntu\)$">
|
972
979
|
<description>Postfix - Ubuntu</description>
|
973
980
|
<example>foo.bar ESMTP Postfix (Ubuntu)</example>
|
981
|
+
<param pos="0" name="service.vendor" value="Postfix"/>
|
974
982
|
<param pos="0" name="service.family" value="Postfix"/>
|
975
983
|
<param pos="0" name="service.product" value="Postfix"/>
|
984
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
|
976
985
|
<param pos="1" name="host.name"/>
|
977
986
|
<param pos="0" name="os.vendor" value="Ubuntu"/>
|
978
987
|
<param pos="0" name="os.family" value="Linux"/>
|
@@ -984,8 +993,10 @@
|
|
984
993
|
<description>Postfix - Ubuntu, Mail-in-a-Box package</description>
|
985
994
|
<example>foo.bar ESMTP Hi, I'm a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/)</example>
|
986
995
|
<example>foo.bar Hi, I'm a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/)</example>
|
996
|
+
<param pos="0" name="service.vendor" value="Postfix"/>
|
987
997
|
<param pos="0" name="service.family" value="Postfix"/>
|
988
998
|
<param pos="0" name="service.product" value="Postfix"/>
|
999
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
|
989
1000
|
<param pos="1" name="host.name"/>
|
990
1001
|
<param pos="0" name="os.vendor" value="Ubuntu"/>
|
991
1002
|
<param pos="0" name="os.family" value="Linux"/>
|
@@ -996,8 +1007,10 @@
|
|
996
1007
|
<fingerprint pattern="^([^ ]+) +E?SMTP Postfix \(Debian/GNU\)$">
|
997
1008
|
<description>Postfix - Debian</description>
|
998
1009
|
<example>foo.bar ESMTP Postfix (Debian/GNU)</example>
|
1010
|
+
<param pos="0" name="service.vendor" value="Postfix"/>
|
999
1011
|
<param pos="0" name="service.family" value="Postfix"/>
|
1000
1012
|
<param pos="0" name="service.product" value="Postfix"/>
|
1013
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
|
1001
1014
|
<param pos="1" name="host.name"/>
|
1002
1015
|
<param pos="0" name="os.vendor" value="Debian"/>
|
1003
1016
|
<param pos="0" name="os.family" value="Linux"/>
|
@@ -1008,8 +1021,10 @@
|
|
1008
1021
|
<fingerprint pattern="^([^ ]+) ESMTP.* Postfix *\(.+\) *$">
|
1009
1022
|
<description>Postfix - generic banner with amusing comments in parentheses</description>
|
1010
1023
|
<example>foo.bar ESMTP Postfix (lol)</example>
|
1024
|
+
<param pos="0" name="service.vendor" value="Postfix"/>
|
1011
1025
|
<param pos="0" name="service.family" value="Postfix"/>
|
1012
1026
|
<param pos="0" name="service.product" value="Postfix"/>
|
1027
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
|
1013
1028
|
<param pos="1" name="host.name"/>
|
1014
1029
|
</fingerprint>
|
1015
1030
|
|
@@ -1017,23 +1032,29 @@
|
|
1017
1032
|
<description>Postfix - generic banner</description>
|
1018
1033
|
<example>foo.bar ESMTP Postfix</example>
|
1019
1034
|
<example>foo.bar SMTP Postfix</example>
|
1035
|
+
<param pos="0" name="service.vendor" value="Postfix"/>
|
1020
1036
|
<param pos="0" name="service.family" value="Postfix"/>
|
1021
1037
|
<param pos="0" name="service.product" value="Postfix"/>
|
1038
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
|
1022
1039
|
<param pos="1" name="host.name"/>
|
1023
1040
|
</fingerprint>
|
1024
1041
|
|
1025
1042
|
<fingerprint pattern="^ *ESMTP Postfix$">
|
1026
1043
|
<description>Postfix - banner without hostname or version</description>
|
1027
1044
|
<example>ESMTP Postfix</example>
|
1045
|
+
<param pos="0" name="service.vendor" value="Postfix"/>
|
1028
1046
|
<param pos="0" name="service.family" value="Postfix"/>
|
1029
1047
|
<param pos="0" name="service.product" value="Postfix"/>
|
1048
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
|
1030
1049
|
</fingerprint>
|
1031
1050
|
|
1032
1051
|
<fingerprint pattern="^(?i)([^ ]+) POSTFIX$">
|
1033
1052
|
<description>Postfix - generic w/o ESMTP</description>
|
1034
1053
|
<example host.name="foo.bar">foo.bar Postfix</example>
|
1054
|
+
<param pos="0" name="service.vendor" value="Postfix"/>
|
1035
1055
|
<param pos="0" name="service.family" value="Postfix"/>
|
1036
1056
|
<param pos="0" name="service.product" value="Postfix"/>
|
1057
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
|
1037
1058
|
<param pos="1" name="host.name"/>
|
1038
1059
|
</fingerprint>
|
1039
1060
|
|
@@ -1070,13 +1091,16 @@
|
|
1070
1091
|
<fingerprint pattern="^Sendmail ESMTP ready$">
|
1071
1092
|
<description>Sendmail - short banner w/o hostname, version, platform, or date.</description>
|
1072
1093
|
<example>Sendmail ESMTP ready</example>
|
1094
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1073
1095
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1074
1096
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1097
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:-"/>
|
1075
1098
|
</fingerprint>
|
1076
1099
|
|
1077
1100
|
<fingerprint pattern="^([^ ]+) +ESMTP +Sendmail +([^ ]+) \(PHNE_([^ ]+)\) */ *(.+); *(.+) \(.+\)$">
|
1078
1101
|
<description>Sendmail - HP-UX with a PHNE (HP Networking patch) installed</description>
|
1079
1102
|
<example host.name="foo.bar" service.version="8.8.6" sendmail.config.version="8.7.1">foo.bar ESMTP Sendmail 8.8.6 (PHNE_14041)/8.7.1; Tue, 6 Feb 2001 10:04:32 -0300 (SAT)</example>
|
1103
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1080
1104
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1081
1105
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1082
1106
|
<param pos="0" name="os.vendor" value="HP"/>
|
@@ -1086,6 +1110,7 @@
|
|
1086
1110
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1087
1111
|
<param pos="1" name="host.name"/>
|
1088
1112
|
<param pos="2" name="service.version"/>
|
1113
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1089
1114
|
<param pos="3" name="sendmail.hpux.phne.version"/>
|
1090
1115
|
<param pos="4" name="sendmail.config.version"/>
|
1091
1116
|
<param pos="5" name="system.time"/>
|
@@ -1094,6 +1119,7 @@
|
|
1094
1119
|
<fingerprint pattern="^(\S+) ESMTP Sendmail \S+ version ([\d\.]+) - Revision \S+ HP-UX([\d\.]+).*(\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ \w\w\w)$">
|
1095
1120
|
<description>Sendmail - HP-UX</description>
|
1096
1121
|
<example host.name="foo.bar" os.version="11.31" service.version="8.13.3">foo.bar ESMTP Sendmail @(#)Sendmail version 8.13.3 - Revision 1.004:: HP-UX11.31 - 03rd February,2010/8.11.1; Wed, 20 May 2015 23:35:38 GMT</example>
|
1122
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1097
1123
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1098
1124
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1099
1125
|
<param pos="0" name="os.vendor" value="HP"/>
|
@@ -1104,12 +1130,14 @@
|
|
1104
1130
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss z"/>
|
1105
1131
|
<param pos="1" name="host.name"/>
|
1106
1132
|
<param pos="2" name="service.version"/>
|
1133
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1107
1134
|
<param pos="4" name="system.time"/>
|
1108
1135
|
</fingerprint>
|
1109
1136
|
|
1110
1137
|
<fingerprint pattern="^([^ ]+) +ESMTP +Sendmail +([^ ]+)/UW([^ ]+) ready at *(.+) \(.+\) *$">
|
1111
1138
|
<description>Sendmail - Unixware</description>
|
1112
1139
|
<example service.version="8.8.7">foo.bar ESMTP Sendmail 8.8.7/UW7.1.0 ready at Tue, 6 Feb 2001 16:39:30 -0300 (GMT-0300)</example>
|
1140
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1113
1141
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1114
1142
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1115
1143
|
<param pos="0" name="os.vendor" value="SCO"/>
|
@@ -1118,6 +1146,7 @@
|
|
1118
1146
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1119
1147
|
<param pos="1" name="host.name"/>
|
1120
1148
|
<param pos="2" name="service.version"/>
|
1149
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1121
1150
|
<param pos="3" name="os.version"/>
|
1122
1151
|
<param pos="4" name="system.time"/>
|
1123
1152
|
</fingerprint>
|
@@ -1125,6 +1154,7 @@
|
|
1125
1154
|
<fingerprint pattern="^([^ ]+) ESMTP Sendmail AIX([^/]+)/UCB ([^;]+); (.+) \(.+\)$">
|
1126
1155
|
<description>Sendmail - AIX (UCB variant)</description>
|
1127
1156
|
<example os.version="4.2" service.version="8.7">foo.bar ESMTP Sendmail AIX4.2/UCB 8.7; Sun, 29 Jul 2001 22:34:37 -0400 (EDT)</example>
|
1157
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1128
1158
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1129
1159
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1130
1160
|
<param pos="0" name="os.vendor" value="IBM"/>
|
@@ -1135,12 +1165,14 @@
|
|
1135
1165
|
<param pos="2" name="os.version"/>
|
1136
1166
|
<param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:{os.version}"/>
|
1137
1167
|
<param pos="3" name="service.version"/>
|
1168
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1138
1169
|
<param pos="4" name="system.time"/>
|
1139
1170
|
</fingerprint>
|
1140
1171
|
|
1141
1172
|
<fingerprint pattern="^([^ ]+) Sendmail AIX([^/]+)/UCB ([^/]+)/([^ ]+) ready at (.+)$">
|
1142
1173
|
<description>Sendmail - AIX (UCB/ready at variant)</description>
|
1143
1174
|
<example>foo.bar Sendmail AIX 4.1/UCB 5.64/4.03 ready at Mon, 30 Jul 2001 00:42:21 -0500</example>
|
1175
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1144
1176
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1145
1177
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1146
1178
|
<param pos="0" name="os.vendor" value="IBM"/>
|
@@ -1151,6 +1183,7 @@
|
|
1151
1183
|
<param pos="2" name="os.version"/>
|
1152
1184
|
<param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:{os.version}"/>
|
1153
1185
|
<param pos="3" name="service.version"/>
|
1186
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1154
1187
|
<param pos="4" name="sendmail.config.version"/>
|
1155
1188
|
<param pos="5" name="system.time"/>
|
1156
1189
|
</fingerprint>
|
@@ -1159,6 +1192,7 @@
|
|
1159
1192
|
<description>Sendmail - AIX</description>
|
1160
1193
|
<example host.name="foo.bar" os.version="4.2" service.version="8.7" sendmail.config.version="8.8">foo.bar ESMTP Sendmail AIX4.2/8.7/8.8; Sun, 29 Jul 2001 22:34:37 -0400 (EDT)</example>
|
1161
1194
|
<example host.name="foo.bar" os.version="5.1" service.version="8.11.6p2" sendmail.config.version="8.11.0">foo.bar ESMTP Sendmail AIX5.1/8.11.6p2/8.11.0; Fri, 28 Aug 1970 19:42:05 -0800</example>
|
1195
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1162
1196
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1163
1197
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1164
1198
|
<param pos="0" name="os.vendor" value="IBM"/>
|
@@ -1169,6 +1203,7 @@
|
|
1169
1203
|
<param pos="2" name="os.version"/>
|
1170
1204
|
<param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:{os.version}"/>
|
1171
1205
|
<param pos="3" name="service.version"/>
|
1206
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1172
1207
|
<param pos="4" name="sendmail.config.version"/>
|
1173
1208
|
<param pos="5" name="system.time"/>
|
1174
1209
|
</fingerprint>
|
@@ -1176,6 +1211,7 @@
|
|
1176
1211
|
<fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^/]+)/([^/]+)/SuSE Linux ([^;]+); (.+)$">
|
1177
1212
|
<description>Sendmail - SuSE Linux</description>
|
1178
1213
|
<example>foo.bar ESMTP Sendmail 8.9.3/8.9.3/SuSE Linux 8.9.3-0.1; Mon, 30 Jul 2001 04:48:54 +0200</example>
|
1214
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1179
1215
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1180
1216
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1181
1217
|
<param pos="0" name="os.vendor" value="SuSE"/>
|
@@ -1185,6 +1221,7 @@
|
|
1185
1221
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1186
1222
|
<param pos="1" name="host.name"/>
|
1187
1223
|
<param pos="2" name="service.version"/>
|
1224
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1188
1225
|
<param pos="3" name="sendmail.config.version"/>
|
1189
1226
|
<param pos="4" name="sendmail.vendor.version"/>
|
1190
1227
|
<param pos="5" name="system.time"/>
|
@@ -1193,6 +1230,7 @@
|
|
1193
1230
|
<fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^ ]+)\+Sun/([^ ]+); (.+)$">
|
1194
1231
|
<description>Sendmail - Solaris with date (no time offeset variant)</description>
|
1195
1232
|
<example>foo.bar ESMTP Sendmail 8.9.3+Sun/8.9.1; Mon, 30 Jul 2001 02:50:22 GMT</example>
|
1233
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1196
1234
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1197
1235
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1198
1236
|
<param pos="0" name="os.vendor" value="Sun"/>
|
@@ -1202,6 +1240,7 @@
|
|
1202
1240
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss zzz"/>
|
1203
1241
|
<param pos="1" name="host.name"/>
|
1204
1242
|
<param pos="2" name="service.version"/>
|
1243
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1205
1244
|
<param pos="3" name="sendmail.config.version"/>
|
1206
1245
|
<param pos="4" name="system.time"/>
|
1207
1246
|
</fingerprint>
|
@@ -1209,6 +1248,7 @@
|
|
1209
1248
|
<fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^ ]+)\+Sun/([^ ]+) ready at (.+) \(.+\)$">
|
1210
1249
|
<description>Sendmail - Solaris with date (ready variant)</description>
|
1211
1250
|
<example>foo.bar ESMTP Sendmail 8.8.8+Sun/8.6.4 ready at Thu, 15 Nov 2000 11:40:32 -0800 (PST)</example>
|
1251
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1212
1252
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1213
1253
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1214
1254
|
<param pos="0" name="os.vendor" value="Sun"/>
|
@@ -1218,6 +1258,7 @@
|
|
1218
1258
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1219
1259
|
<param pos="1" name="host.name"/>
|
1220
1260
|
<param pos="2" name="service.version"/>
|
1261
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1221
1262
|
<param pos="3" name="sendmail.config.version"/>
|
1222
1263
|
<param pos="4" name="system.time"/>
|
1223
1264
|
</fingerprint>
|
@@ -1226,6 +1267,7 @@
|
|
1226
1267
|
<description>Sendmail - Debian</description>
|
1227
1268
|
<example service.version="8.12.0.Beta7" sendmail.config.version="8.12.0.Beta7" sendmail.vendor.version="8.12.0.Beta7-1">foo.bar ESMTP Debian Sendmail 8.12.0.Beta7/8.12.0.Beta7/Debian 8.12.0.Beta7-1; Sun, 29 Jul 2001 18:52:20 -0800</example>
|
1228
1269
|
<example service.version="8.11.0" sendmail.config.version="8.9.3" sendmail.vendor.version="8.9.3-21">foo.bar ESMTP Sendmail 8.11.0/8.9.3/Debian 8.9.3-21; Sun, 29 Jul 2001 19:51:00 -0700</example>
|
1270
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1229
1271
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1230
1272
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1231
1273
|
<param pos="0" name="os.vendor" value="Debian"/>
|
@@ -1235,6 +1277,7 @@
|
|
1235
1277
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1236
1278
|
<param pos="1" name="host.name"/>
|
1237
1279
|
<param pos="2" name="service.version"/>
|
1280
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1238
1281
|
<param pos="3" name="sendmail.config.version"/>
|
1239
1282
|
<param pos="4" name="sendmail.vendor.version"/>
|
1240
1283
|
<param pos="5" name="system.time"/>
|
@@ -1244,6 +1287,7 @@
|
|
1244
1287
|
<description>Sendmail - Debian 7.x (wheezy)</description>
|
1245
1288
|
<example service.version="8.14.4">foo.bar ESMTP Sendmail 8.14.4/8.14.4/Debian-4+wheezy1; Thu, 30 Nov 2017 10:33:05 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
|
1246
1289
|
<example service.version="8.14.4">foo.bar ESMTP Sendmail 8.14.4/8.14.4/Debian-4+deb7u1; Thu, 30 Nov 2017 11:00:33 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
|
1290
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1247
1291
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1248
1292
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1249
1293
|
<param pos="0" name="os.vendor" value="Debian"/>
|
@@ -1254,6 +1298,7 @@
|
|
1254
1298
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1255
1299
|
<param pos="1" name="host.name"/>
|
1256
1300
|
<param pos="2" name="service.version"/>
|
1301
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1257
1302
|
<param pos="3" name="sendmail.config.version"/>
|
1258
1303
|
<param pos="4" name="system.time"/>
|
1259
1304
|
</fingerprint>
|
@@ -1261,6 +1306,7 @@
|
|
1261
1306
|
<fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^/]+)/([^/]+)/Debian-\d\+deb8u\d; (.+); .*$">
|
1262
1307
|
<description>Sendmail - Debian 8.x (jessie)</description>
|
1263
1308
|
<example service.version="8.14.4">foo.bar ESMTP Sendmail 8.14.4/8.14.4/Debian-8+deb8u2; Thu, 30 Nov 2017 10:25:48 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
|
1309
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1264
1310
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1265
1311
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1266
1312
|
<param pos="0" name="os.vendor" value="Debian"/>
|
@@ -1271,6 +1317,7 @@
|
|
1271
1317
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1272
1318
|
<param pos="1" name="host.name"/>
|
1273
1319
|
<param pos="2" name="service.version"/>
|
1320
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1274
1321
|
<param pos="3" name="sendmail.config.version"/>
|
1275
1322
|
<param pos="4" name="system.time"/>
|
1276
1323
|
</fingerprint>
|
@@ -1278,6 +1325,7 @@
|
|
1278
1325
|
<fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^/]+)/([^/]+)/Debian-\d\+lenny\d; (.+); .*$">
|
1279
1326
|
<description>Sendmail - Debian 5.x (lenny)</description>
|
1280
1327
|
<example service.version="8.14.3">foo.bar ESMTP Sendmail 8.14.3/8.14.3/Debian-5+lenny1; Thu, 30 Nov 2017 12:29:40 +0300; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
|
1328
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1281
1329
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1282
1330
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1283
1331
|
<param pos="0" name="os.vendor" value="Debian"/>
|
@@ -1288,6 +1336,7 @@
|
|
1288
1336
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1289
1337
|
<param pos="1" name="host.name"/>
|
1290
1338
|
<param pos="2" name="service.version"/>
|
1339
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1291
1340
|
<param pos="3" name="sendmail.config.version"/>
|
1292
1341
|
<param pos="4" name="system.time"/>
|
1293
1342
|
</fingerprint>
|
@@ -1295,6 +1344,7 @@
|
|
1295
1344
|
<fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^/]+)/([^/]+)/Debian-\d\+etch\d; (.+); .*$">
|
1296
1345
|
<description>Sendmail - Debian 4.x (etch)</description>
|
1297
1346
|
<example service.version="8.13.8" sendmail.config.version="8.13.8">foo.bar ESMTP Sendmail 8.13.8/8.13.8/Debian-3+etch1; Thu, 30 Nov 2017 10:28:23 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
|
1347
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1298
1348
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1299
1349
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1300
1350
|
<param pos="0" name="os.vendor" value="Debian"/>
|
@@ -1305,6 +1355,7 @@
|
|
1305
1355
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1306
1356
|
<param pos="1" name="host.name"/>
|
1307
1357
|
<param pos="2" name="service.version"/>
|
1358
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1308
1359
|
<param pos="3" name="sendmail.config.version"/>
|
1309
1360
|
<param pos="4" name="system.time"/>
|
1310
1361
|
</fingerprint>
|
@@ -1312,6 +1363,7 @@
|
|
1312
1363
|
<fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^/]+)/([^/]+)/Debian-\dsarge\d; (.+); .*$">
|
1313
1364
|
<description>Sendmail - Debian 3.1 (sarge)</description>
|
1314
1365
|
<example service.version="8.13.4">foo.bar ESMTP Sendmail 8.13.4/8.13.4/Debian-3sarge1; Thu, 30 Nov 2017 10:55:47 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
|
1366
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1315
1367
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1316
1368
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1317
1369
|
<param pos="0" name="os.vendor" value="Debian"/>
|
@@ -1322,6 +1374,7 @@
|
|
1322
1374
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1323
1375
|
<param pos="1" name="host.name"/>
|
1324
1376
|
<param pos="2" name="service.version"/>
|
1377
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1325
1378
|
<param pos="3" name="sendmail.config.version"/>
|
1326
1379
|
<param pos="4" name="system.time"/>
|
1327
1380
|
</fingerprint>
|
@@ -1331,6 +1384,7 @@
|
|
1331
1384
|
<example service.version="8.15.2">foo.bar ESMTP Sendmail 8.15.2/8.15.2/Debian-3; Thu, 30 Nov 2017 10:55:50 +0200; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
|
1332
1385
|
<example service.version="8.14.3">foo.bar ESMTP Sendmail 8.14.3/8.14.3/Debian-9.4; Thu, 30 Nov 2017 10:11:54 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
|
1333
1386
|
<example service.version="8.14.2">foo.bar ESMTP Sendmail 8.14.2/8.14.2/Debian-2build1; Thu, 30 Nov 2017 04:09:50 -0600; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
|
1387
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1334
1388
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1335
1389
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1336
1390
|
<param pos="0" name="os.vendor" value="Debian"/>
|
@@ -1340,6 +1394,7 @@
|
|
1340
1394
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1341
1395
|
<param pos="1" name="host.name"/>
|
1342
1396
|
<param pos="2" name="service.version"/>
|
1397
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1343
1398
|
<param pos="3" name="sendmail.config.version"/>
|
1344
1399
|
<param pos="4" name="system.time"/>
|
1345
1400
|
</fingerprint>
|
@@ -1348,6 +1403,7 @@
|
|
1348
1403
|
<description>Sendmail - Ubuntu</description>
|
1349
1404
|
<example service.version="8.13.5.20060308">foo.bar ESMTP Sendmail 8.13.5.20060308/8.13.5/Debian-3ubuntu1.1; Fri, 24 Jul 2009 01:41:21 -0700; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
|
1350
1405
|
<example service.version="8.14.4">foo.bar ESMTP Sendmail 8.14.4/8.14.4/Debian-4.1ubuntu1; Thu, 30 Nov 2017 11:00:30 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
|
1406
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1351
1407
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1352
1408
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1353
1409
|
<param pos="0" name="os.vendor" value="Ubuntu"/>
|
@@ -1357,12 +1413,14 @@
|
|
1357
1413
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1358
1414
|
<param pos="1" name="host.name"/>
|
1359
1415
|
<param pos="2" name="service.version"/>
|
1416
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1360
1417
|
<param pos="3" name="system.time"/>
|
1361
1418
|
</fingerprint>
|
1362
1419
|
|
1363
1420
|
<fingerprint pattern="^([^ ]+) (?:E?SMTP )?Sendmail SMI-([^/]+)/(SMI-SVR4) ready at (.+)$">
|
1364
1421
|
<description>Sendmail - Solaris (SMI variant)</description>
|
1365
1422
|
<example>foo.bar Sendmail SMI-8.6/SMI-SVR4 ready at Sun, 29 Jul 2001 22:58:46 -0400</example>
|
1423
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1366
1424
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1367
1425
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1368
1426
|
<param pos="0" name="os.vendor" value="Sun"/>
|
@@ -1372,6 +1430,7 @@
|
|
1372
1430
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1373
1431
|
<param pos="1" name="host.name"/>
|
1374
1432
|
<param pos="2" name="service.version"/>
|
1433
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1375
1434
|
<param pos="3" name="sendmail.config.version"/>
|
1376
1435
|
<param pos="4" name="system.time"/>
|
1377
1436
|
</fingerprint>
|
@@ -1379,6 +1438,7 @@
|
|
1379
1438
|
<fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^ ]+)/(linuxconf); (.+)$">
|
1380
1439
|
<description>Sendmail - unknown platform (linuxconf variant)</description>
|
1381
1440
|
<example>foo.bar ESMTP Sendmail 8.9.3/linuxconf; Sun, 29 Jul 2001 22:48:28 -0400</example>
|
1441
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1382
1442
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1383
1443
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1384
1444
|
<param pos="0" name="os.family" value="Linux"/>
|
@@ -1386,6 +1446,7 @@
|
|
1386
1446
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1387
1447
|
<param pos="1" name="host.name"/>
|
1388
1448
|
<param pos="2" name="service.version"/>
|
1449
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1389
1450
|
<param pos="3" name="sendmail.config.version"/>
|
1390
1451
|
<param pos="4" name="system.time"/>
|
1391
1452
|
</fingerprint>
|
@@ -1417,10 +1478,12 @@
|
|
1417
1478
|
<example host.name="foo.bar" service.version="8.8.8" sendmail.config.version="8.8.9">foo.bar ESMTP blah Sendmail 8.8.8/8.8.9; Wed, 21 Nov 2001 23:39:07 +0100 (CET)</example>
|
1418
1479
|
<example host.name="foo.bar" service.version="8.10.2" sendmail.config.version="8.10.3">foo.bar ESMTP Sendmail 8.10.2/8.10.3; Mon, 10 Sep 2001 08:37:14 -0400</example>
|
1419
1480
|
<example host.name="foo.bar" service.version="8.13.8" sendmail.config.version="8.13.9">foo.bar ESMTP foo-MTA Sendmail 8.13.8/8.13.9; Mon, 18 Apr 2011 08:52:38 -0700</example>
|
1481
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1420
1482
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1421
1483
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1422
1484
|
<param pos="1" name="host.name"/>
|
1423
1485
|
<param pos="2" name="service.version"/>
|
1486
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1424
1487
|
<param pos="3" name="sendmail.config.version"/>
|
1425
1488
|
<param pos="4" name="system.time"/>
|
1426
1489
|
</fingerprint>
|
@@ -1428,10 +1491,12 @@
|
|
1428
1491
|
<fingerprint pattern="^([^ ]+) +ESMTP .*Sendmail +([^/ ]+) */ *([^/ ]+); *(\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ \w+)\.?$">
|
1429
1492
|
<description>Sendmail - with timezone and timestamp, w/o timezone offset or OS</description>
|
1430
1493
|
<example host.name="foo.bar" service.version="8.14.4" sendmail.config.version="8.14.4" system.time="Thu, 5 Apr 2018 19:30:58 GMT">foo.bar ESMTP Sendmail 8.14.4/8.14.4; Thu, 5 Apr 2018 19:30:58 GMT</example>
|
1494
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1431
1495
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1432
1496
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss z"/>
|
1433
1497
|
<param pos="1" name="host.name"/>
|
1434
1498
|
<param pos="2" name="service.version"/>
|
1499
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1435
1500
|
<param pos="3" name="sendmail.config.version"/>
|
1436
1501
|
<param pos="4" name="system.time"/>
|
1437
1502
|
</fingerprint>
|
@@ -1439,33 +1504,39 @@
|
|
1439
1504
|
<fingerprint pattern="^([^ ]+) +ESMTP +Sendmail ([^ ]+) ready at *(\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ [-+]\d\d\d\d)(?: \(.+\))$">
|
1440
1505
|
<description>Sendmail - with version and date (optional timezone), w/o config version</description>
|
1441
1506
|
<example host.name="foo.bar" service.version="8.8.8" system.time="Tue, 6 Feb 2001 14:37:14 +0100">foo.bar ESMTP Sendmail 8.8.8 ready at Tue, 6 Feb 2001 14:37:14 +0100 (CET)</example>
|
1507
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1442
1508
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1443
1509
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1444
1510
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1445
1511
|
<param pos="1" name="host.name"/>
|
1446
1512
|
<param pos="2" name="service.version"/>
|
1513
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1447
1514
|
<param pos="3" name="system.time"/>
|
1448
1515
|
</fingerprint>
|
1449
1516
|
|
1450
1517
|
<fingerprint pattern="^([^ ]+) +ESMTP +Sendmail ([^ /]+) - \([^\)]+\)/[^ ]+;? *(\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ [-+]\d\d\d\d)(?: \(.+\)) *$">
|
1451
1518
|
<description>Sendmail - revision variant 1</description>
|
1452
1519
|
<example>foo.foo.bar ESMTP Sendmail 8.11.1 - (Revision 1.010)/8.9.3; Sat, 22 Jan 2011 10:08:35 -0500 (EST)</example>
|
1520
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1453
1521
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1454
1522
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1455
1523
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1456
1524
|
<param pos="1" name="host.name"/>
|
1457
1525
|
<param pos="2" name="service.version"/>
|
1526
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1458
1527
|
<param pos="3" name="system.time"/>
|
1459
1528
|
</fingerprint>
|
1460
1529
|
|
1461
1530
|
<fingerprint pattern="^([^ ]+) +ESMTP +Sendmail +(?:[^ ]+) +version +([^ ]+) +- +(?:[^;]+); *(\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ [-+]\d\d\d\d)(?: \(.+\)) *$">
|
1462
1531
|
<description>Sendmail - revision variant 2</description>
|
1463
1532
|
<example>foo.foo.bar ESMTP Sendmail @(#)Sendmail version 8.13.3 - Revision 2.007 - 8 December 2008/8.8.6; Wed, 21 Jul 2010 11:17:01 -0400 (EDT)</example>
|
1533
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1464
1534
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1465
1535
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1466
1536
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1467
1537
|
<param pos="1" name="host.name"/>
|
1468
1538
|
<param pos="2" name="service.version"/>
|
1539
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1469
1540
|
<param pos="3" name="system.time"/>
|
1470
1541
|
</fingerprint>
|
1471
1542
|
|
@@ -1480,8 +1551,10 @@
|
|
1480
1551
|
<example host.name="foo.bar">foo.bar ESMTP Sendmail ready. </example>
|
1481
1552
|
<example host.name="foo.bar">foo.bar ESMTP Sendmail</example>
|
1482
1553
|
<example host.name="foo.bar">foo.bar Sendmail ready. </example>
|
1554
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1483
1555
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1484
1556
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1557
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:-"/>
|
1485
1558
|
<param pos="1" name="host.name"/>
|
1486
1559
|
<param pos="2" name="system.time"/>
|
1487
1560
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
@@ -1490,10 +1563,12 @@
|
|
1490
1563
|
<fingerprint pattern="^ESMTP Sendmail +([^/ ]+) */ *([^/ ]+); (\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ [-+]\d\d\d\d)$">
|
1491
1564
|
<description>Sendmail - with version and date, w/o hostname or platform (semicolon variant)</description>
|
1492
1565
|
<example service.version="8.13.1" sendmail.config.version="8.13.1" system.time="Thu, 30 Nov 2017 01:58:22 -0700">ESMTP Sendmail 8.13.1/8.13.1; Thu, 30 Nov 2017 01:58:22 -0700</example>
|
1566
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1493
1567
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1494
1568
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1495
1569
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1496
1570
|
<param pos="1" name="service.version"/>
|
1571
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1497
1572
|
<param pos="2" name="sendmail.config.version"/>
|
1498
1573
|
<param pos="3" name="system.time"/>
|
1499
1574
|
</fingerprint>
|
@@ -1501,11 +1576,13 @@
|
|
1501
1576
|
<fingerprint pattern="^([^ ]+) +ESMTP +Sendmail ([^ /]+) \([^\)]+\) *(.+) \(.+\)$">
|
1502
1577
|
<description>Sendmail - unknown (date in version string variant)</description>
|
1503
1578
|
<example>mail.foo.bar ESMTP Sendmail 8.11.1 (1.1.2.11/12Jul01-1016AM) Wed, 8 Jan 2003 11:21:22 +0100 (MET)</example>
|
1579
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1504
1580
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1505
1581
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1506
1582
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
|
1507
1583
|
<param pos="1" name="host.name"/>
|
1508
1584
|
<param pos="2" name="service.version"/>
|
1585
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1509
1586
|
<param pos="3" name="system.time"/>
|
1510
1587
|
</fingerprint>
|
1511
1588
|
|
@@ -1513,19 +1590,23 @@
|
|
1513
1590
|
|
1514
1591
|
<fingerprint pattern="^([^ ]+) Sendmail ([^;]+); ([^;\.]+)$">
|
1515
1592
|
<description>Sendmail - unknown platform, variant 1</description>
|
1593
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1516
1594
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1517
1595
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1518
1596
|
<param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss zzz"/>
|
1519
1597
|
<param pos="1" name="host.name"/>
|
1520
1598
|
<param pos="2" name="service.version"/>
|
1599
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1521
1600
|
<param pos="3" name="system.time"/>
|
1522
1601
|
</fingerprint>
|
1523
1602
|
|
1524
1603
|
<fingerprint pattern="^Sendmail ([^/]+)/([^/]+) ready on ([^ ]+)$">
|
1525
1604
|
<description>Sendmail - basic with version and date</description>
|
1605
|
+
<param pos="0" name="service.vendor" value="Sendmail"/>
|
1526
1606
|
<param pos="0" name="service.family" value="Sendmail"/>
|
1527
1607
|
<param pos="0" name="service.product" value="Sendmail"/>
|
1528
1608
|
<param pos="1" name="service.version"/>
|
1609
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
|
1529
1610
|
<param pos="2" name="sendmail.config.version"/>
|
1530
1611
|
<param pos="3" name="host.name"/>
|
1531
1612
|
</fingerprint>
|
@@ -1751,11 +1832,12 @@
|
|
1751
1832
|
<example host.name="foo.bar" service.version="5.3.1">foo.bar ESMTP CommuniGate Pro 5.3.1</example>
|
1752
1833
|
<example host.name="foo.bar" service.version="6.2c3">foo.bar ESMTP CommuniGate Pro 6.2c3</example>
|
1753
1834
|
<example host.name="foo.bar" service.version="4.3.12">foo.bar ESMTP CommuniGate Pro 4.3.12. It is you again :-(</example>
|
1754
|
-
<param pos="0" name="service.vendor" value="
|
1835
|
+
<param pos="0" name="service.vendor" value="Communigate"/>
|
1755
1836
|
<param pos="0" name="service.family" value="Pro"/>
|
1756
|
-
<param pos="0" name="service.product" value="
|
1837
|
+
<param pos="0" name="service.product" value="Communigate Pro"/>
|
1757
1838
|
<param pos="1" name="host.name"/>
|
1758
1839
|
<param pos="2" name="service.version"/>
|
1840
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:communigate:communigate_pro:{service.version}"/>
|
1759
1841
|
</fingerprint>
|
1760
1842
|
|
1761
1843
|
<fingerprint pattern="^(\S+) NO UCE NO UBE NO RELAY PROBES ESMTP">
|
data/xml/ssh_banners.xml
CHANGED
@@ -1962,8 +1962,10 @@
|
|
1962
1962
|
<fingerprint pattern="^dropbear$">
|
1963
1963
|
<description>Dropbear w/o version - http://matt.ucc.asn.au/dropbear/dropbear.html</description>
|
1964
1964
|
<example>dropbear</example>
|
1965
|
+
<param pos="0" name="service.vendor" value="Dropbear SSH Project"/>
|
1965
1966
|
<param pos="0" name="service.family" value="Dropbear"/>
|
1966
|
-
<param pos="0" name="service.product" value="Dropbear"/>
|
1967
|
+
<param pos="0" name="service.product" value="Dropbear SSH"/>
|
1968
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:dropbear_ssh_project:dropbear_ssh:-"/>
|
1967
1969
|
</fingerprint>
|
1968
1970
|
|
1969
1971
|
<fingerprint pattern="^dropbear_(.*)$">
|
@@ -1971,8 +1973,10 @@
|
|
1971
1973
|
<example service.version="2015.67">dropbear_2015.67</example>
|
1972
1974
|
<example service.version="0.49">dropbear_0.49</example>
|
1973
1975
|
<param pos="1" name="service.version"/>
|
1976
|
+
<param pos="0" name="service.vendor" value="Dropbear SSH Project"/>
|
1974
1977
|
<param pos="0" name="service.family" value="Dropbear"/>
|
1975
|
-
<param pos="0" name="service.product" value="Dropbear"/>
|
1978
|
+
<param pos="0" name="service.product" value="Dropbear SSH"/>
|
1979
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:dropbear_ssh_project:dropbear_ssh:{service.version}"/>
|
1976
1980
|
</fingerprint>
|
1977
1981
|
|
1978
1982
|
<fingerprint pattern="^lancom$">
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: recog
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.3.
|
4
|
+
version: 2.3.12
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Rapid7 Research
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-07-
|
11
|
+
date: 2020-07-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rspec
|