recog 2.3.11 → 2.3.12

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 97d63040d77ee814dfef18425b59f861c5502b6e929826c27b3f6ec81423edfe
4
- data.tar.gz: 27f184ce296b50e0c061e67c0fb5cff846eca187ee72750684904aea66061bc7
3
+ metadata.gz: 477c1b984da6788f9acbe0f8868fe07b500c0a6c9b94691a23535befba43b912
4
+ data.tar.gz: a23f96a8ae8212ba1521455ccbfbe60f355706eb04fbe309768cd538a5ff90a6
5
5
  SHA512:
6
- metadata.gz: fec43f32715f27d49b9c0258cd46b2b647c11d9649d30601ac7220b4f37459a9664686c25f84304c307e74690815de91e3883ba018d4b9d1546aea4867cebe42
7
- data.tar.gz: e8612ca2e848fe0c8f8ccd32646309614fca7cdbc3101f01554c4e770ea738fead20ea24c003b70f0241a412186cbaa819b5d805b2e71d834dd77a327bdfc7e6
6
+ metadata.gz: b758ee85f8fb433fb2d0ef8ad07e627bb941ad86d5d3f07ebb768ecda8c8a00521e37c0dff81e5e2c3b7065584b7d4bef283fb6ceea0da45c952e57301879d2c
7
+ data.tar.gz: d07e8d168442426db1cee39ecaf6d2f7c337b20bf41799115354099185daa2e4696c58df2fddba9d025f05386fd426ce4c15bbc06eea04e47dff01642a86cd95
@@ -16,6 +16,10 @@ mappings:
16
16
  weblogic: weblogic_server
17
17
  blue_coat:
18
18
  vendor: bluecoat
19
+ carnegie_mellon_university:
20
+ vendor: cmu
21
+ products:
22
+ cyrus_imap: cyrus_imap_server
19
23
  centos:
20
24
  vendor: centos
21
25
  products:
@@ -32,6 +36,9 @@ mappings:
32
36
  vendor: debian
33
37
  products:
34
38
  linux: debian_linux
39
+ embedthis:
40
+ products:
41
+ goahead_webserver: goahead
35
42
  f5:
36
43
  vendor: f5
37
44
  products:
@@ -41,12 +48,12 @@ mappings:
41
48
  vendor: hp
42
49
  products:
43
50
  ilo: integrated_lights_out
44
- lotus_domino: lotus_domino_server
45
51
  tru64_unix: tru64
46
52
  ibm:
47
53
  vendor: ibm
48
54
  products:
49
55
  lotus_domino: lotus_domino_server
56
+ ibm_domino: lotus_domino
50
57
  os/400: os_400
51
58
  jamf:
52
59
  products:
@@ -57,6 +64,10 @@ mappings:
57
64
  junos_os: junos
58
65
  kibana:
59
66
  vendor: elasticsearch
67
+ cz.nic:
68
+ vendor: knot-dns
69
+ litespeed_technologies:
70
+ vendor: litespeedtech
60
71
  linux:
61
72
  vendor: linux
62
73
  products:
@@ -94,6 +105,10 @@ mappings:
94
105
  vendor: modwsgi
95
106
  mort_bay:
96
107
  vendor: mortbay
108
+ nlnet_labs:
109
+ vendor: nlnetlabs
110
+ products:
111
+ dnsd: name_server_daemon
97
112
  net-snmp:
98
113
  vendor: net-snmp
99
114
  products:
@@ -93,4 +93,4 @@ iPad
93
93
  iPad Air
94
94
  iPad Pro
95
95
  iPad mini
96
- iPhone
96
+ iPhone
@@ -325,4 +325,4 @@ iPhone X
325
325
  iPhone XR
326
326
  iPhone XS
327
327
  iPhone XS Max
328
- vManage
328
+ vManage
@@ -421,6 +421,7 @@ Symantec Endpoint Protection Manager
421
421
  Symantec Mail Security for SMTP
422
422
  Symantec Messaging Gateway
423
423
  TBS FTP Server
424
+ TCP/IP
424
425
  TCPIP POP server
425
426
  TUX Web Server
426
427
  TeamCity
@@ -554,4 +555,3 @@ vsFTPd
554
555
  vsFTPd Extended
555
556
  z/OS FTP Server
556
557
  zFTPServer
557
- TCP/IP
@@ -1,3 +1,3 @@
1
1
  module Recog
2
- VERSION = '2.3.11'
2
+ VERSION = '2.3.12'
3
3
  end
@@ -516,6 +516,7 @@
516
516
  <param pos="0" name="service.family" value="NSD"/>
517
517
  <param pos="0" name="service.product" value="dnsd"/>
518
518
  <param pos="1" name="service.version"/>
519
+ <param pos="0" name="service.cpe23" value="cpe:/a:nlnetlabs:name_server_daemon:{service.version}"/>
519
520
  </fingerprint>
520
521
 
521
522
  <fingerprint pattern="^unbound ([\d.]+)$">
@@ -525,6 +526,7 @@
525
526
  <param pos="0" name="service.family" value="Unbound"/>
526
527
  <param pos="0" name="service.product" value="unbound"/>
527
528
  <param pos="1" name="service.version"/>
529
+ <param pos="0" name="service.cpe23" value="cpe:/a:nlnetlabs:unbound:{service.version}"/>
528
530
  </fingerprint>
529
531
 
530
532
  <fingerprint pattern="^(?i:unbound)$">
@@ -533,6 +535,7 @@
533
535
  <param pos="0" name="service.vendor" value="NLnet Labs"/>
534
536
  <param pos="0" name="service.family" value="Unbound"/>
535
537
  <param pos="0" name="service.product" value="unbound"/>
538
+ <param pos="0" name="service.cpe23" value="cpe:/a:nlnetlabs:unbound:-"/>
536
539
  </fingerprint>
537
540
 
538
541
  <fingerprint pattern="^(?:BIND )?(9.[^-]+(?:-[SP]\d)?)(?:-[\d\.]+)?\+deb10u\d+-Raspbian$">
@@ -583,8 +586,9 @@
583
586
  <example service.version="2.5.0-dev">Knot DNS 2.5.0-dev</example>
584
587
  <param pos="0" name="service.vendor" value="cz.nic"/>
585
588
  <param pos="0" name="service.family" value="Knot"/>
586
- <param pos="0" name="service.product" value="DNS"/>
589
+ <param pos="0" name="service.product" value="Knot DNS"/>
587
590
  <param pos="1" name="service.version"/>
591
+ <param pos="0" name="service.cpe23" value="cpe:/a:knot-dns:knot_dns:{service.version}"/>
588
592
  </fingerprint>
589
593
 
590
594
  <fingerprint pattern="^UltraDNS Resolver$">
@@ -754,7 +758,8 @@
754
758
  <example>DNSServer</example>
755
759
  <param pos="0" name="service.vendor" value="Synology"/>
756
760
  <param pos="0" name="service.family" value="DSM"/>
757
- <param pos="0" name="service.product" value="DNS"/>
761
+ <param pos="0" name="service.product" value="DNS Server"/>
762
+ <param pos="0" name="service.cpe23" value="cpe:/a:synology:dns_server:-"/>
758
763
  <param pos="0" name="os.device" value="NAS"/>
759
764
  <param pos="0" name="os.family" value="Linux"/>
760
765
  <param pos="0" name="os.product" value="DSM"/>
@@ -855,9 +860,10 @@
855
860
  <fingerprint pattern="^gdnsd$">
856
861
  <description>gdnsd</description>
857
862
  <example>gdnsd</example>
858
- <param pos="0" name="service.vendor" value="Brandon Black"/>
863
+ <param pos="0" name="service.vendor" value="gdnsd"/>
859
864
  <param pos="0" name="service.family" value="gdnsd"/>
860
865
  <param pos="0" name="service.product" value="gdnsd"/>
866
+ <param pos="0" name="service.cpe23" value="cpe:/a:gdnsd:gdnsd:-"/>
861
867
  </fingerprint>
862
868
 
863
869
  <fingerprint pattern="^Hi: [\w\.: =]+\d{4}$">
@@ -360,6 +360,7 @@ example.com FTP server (Version: Mac OS X Server) ready.
360
360
  <example service.version="1.0.11">=(&lt;*&gt;)=-.:. (( Welcome to Pure-FTPd 1.0.11 )) .:.-=(&lt;*&gt;)=-</example>
361
361
  <example service.version="1.0.11">=(&lt;*&gt;)=-.:. (( Welcome to Pure-FTPd 1.0.11 )) .:.-=(&lt;*&gt;)=-&#13;
362
362
  more stuff</example>
363
+ <param pos="0" name="service.fvendor" value="PureFTPd"/>
363
364
  <param pos="0" name="service.family" value="Pure-FTPd"/>
364
365
  <param pos="0" name="service.product" value="Pure-FTPd"/>
365
366
  <param pos="1" name="service.version"/>
@@ -374,16 +375,20 @@ more stuff
374
375
  <example>--------- Welcome to Pure-FTPd [privsep] [TLS] ----------&#13;
375
376
  more text</example>
376
377
  <param pos="1" name="pureftpd.config"/>
378
+ <param pos="0" name="service.vendor" value="PureFTPd"/>
377
379
  <param pos="0" name="service.family" value="Pure-FTPd"/>
378
380
  <param pos="0" name="service.product" value="Pure-FTPd"/>
381
+ <param pos="0" name="service.cpe23" value="cpe:/a:pureftpd:pure-ftpd:-"/>
379
382
  </fingerprint>
380
383
 
381
384
  <fingerprint pattern="^(?:Welcome to )?Pure-FTPd\.?$">
382
385
  <description>Basic Pure-FTPd banner, no version</description>
383
386
  <example>Welcome to Pure-FTPd</example>
384
387
  <example>Pure-FTPd.</example>
388
+ <param pos="0" name="service.vendor" value="PureFTPd"/>
385
389
  <param pos="0" name="service.family" value="Pure-FTPd"/>
386
390
  <param pos="0" name="service.product" value="Pure-FTPd"/>
391
+ <param pos="0" name="service.cpe23" value="cpe:/a:pureftpd:pure-ftpd:-"/>
387
392
  </fingerprint>
388
393
 
389
394
  <fingerprint pattern="^=\(.\*.\)=-\.:\. \(\( Welcome to PureFTPd (\d+\..+) \)\) \.:\.-=\(.\*.\)=-" flags="REG_MULTILINE">
@@ -391,26 +396,56 @@ more text
391
396
  <example service.version="1.1.0">=(&lt;*&gt;)=-.:. (( Welcome to PureFTPd 1.1.0 )) .:.-=(&lt;*&gt;)=-</example>
392
397
  <example service.version="1.1.0">=(&lt;*&gt;)=-.:. (( Welcome to PureFTPd 1.1.0 )) .:.-=(&lt;*&gt;)=-&#13;
393
398
  more text</example>
399
+ <param pos="0" name="service.vendor" value="PureFTPd"/>
394
400
  <param pos="0" name="service.family" value="Pure-FTPd"/>
395
401
  <param pos="0" name="service.product" value="Pure-FTPd"/>
396
402
  <param pos="1" name="service.version"/>
403
+ <param pos="0" name="service.cpe23" value="cpe:/a:pureftpd:pure-ftpd:{service.version}"/>
397
404
  </fingerprint>
398
405
 
399
- <fingerprint pattern="^Serv-U FTP[ -]Server v(\d+\.\S+)(?: for WinSock)? ready\.*$">
400
- <description>Serv-U (only runs on Windows)</description>
406
+ <!-- CPEs for Serv-U 15.x and above changed to SolarWinds -->
407
+
408
+ <fingerprint pattern="^Serv-U FTP Server v(15\.\S+) ready\.\.\.$">
409
+ <description>SolarWinds Serv-U with version </description>
410
+ <example service.version="15.1.3.25">Serv-U FTP Server v15.1.3.25 ready...</example>
411
+ <param pos="0" name="service.vendor" value="SolarWinds"/>
412
+ <param pos="0" name="service.product" value="Serv-U FTP Server"/>
413
+ <param pos="0" name="service.family" value="Serv-U"/>
414
+ <param pos="1" name="service.version"/>
415
+ <param pos="0" name="service.cpe23" value="cpe:/a:solarwinds:serv-u_ftp_server:{service.version}"/>
416
+ </fingerprint>
417
+
418
+ <fingerprint pattern="^Serv-U FTP[ -]Server v(\d+\.\S+) for WinSock ready\.*$">
419
+ <description>Serv-U Serv-U with version on Windows</description>
401
420
  <example service.version="2.5n">Serv-U FTP-Server v2.5n for WinSock ready...</example>
402
421
  <example service.version="6.0">Serv-U FTP Server v6.0 for WinSock ready</example>
403
- <example service.version="7.2">Serv-U FTP Server v7.2 ready...</example>
404
- <param pos="0" name="service.vendor" value="Rhino Software"/>
422
+ <param pos="0" name="service.vendor" value="Serv-U"/>
405
423
  <param pos="0" name="service.product" value="Serv-U"/>
406
424
  <param pos="0" name="service.family" value="Serv-U"/>
407
425
  <param pos="1" name="service.version"/>
426
+ <param pos="0" name="service.cpe23" value="cpe:/a:serv-u:serv-u:{service.version}"/>
408
427
  <param pos="0" name="os.vendor" value="Microsoft"/>
409
428
  <param pos="0" name="os.family" value="Windows"/>
410
429
  <param pos="0" name="os.product" value="Windows"/>
411
430
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
412
431
  </fingerprint>
413
432
 
433
+ <fingerprint pattern="^Serv-U FTP[ -]Server v(\d+\.\S+) ready\.*$">
434
+ <description>Serv-U Serv-U with version </description>
435
+ <example service.version="7.2">Serv-U FTP Server v7.2 ready...</example>
436
+ <example service.version="14.0">Serv-U FTP Server v14.0 ready...</example>
437
+ <param pos="0" name="service.vendor" value="Serv-U"/>
438
+ <param pos="0" name="service.product" value="Serv-U"/>
439
+ <param pos="0" name="service.family" value="Serv-U"/>
440
+ <param pos="1" name="service.version"/>
441
+ <param pos="0" name="service.cpe23" value="cpe:/a:serv-u:serv-u:{service.version}"/>
442
+ </fingerprint>
443
+
444
+ <fingerprint pattern="^Welcom to Serv-U FTP Server$">
445
+ <description>Common FTP banner modification to look like Serv-U -- assert nothing.</description>
446
+ <example>Welcom to Serv-U FTP Server</example>
447
+ </fingerprint>
448
+
414
449
  <fingerprint pattern="^zFTPServer v?(\S+), .*ready\.$" flags="REG_ICASE">
415
450
  <description>zftpserver (only runs on Windows)</description>
416
451
  <example service.version="4.0">zFTPServer v4.0, build 2008-12-24 01:41 ready.</example>
@@ -427,23 +462,28 @@ more text
427
462
  <description>vsFTPd (Very Secure FTP Daemon)</description>
428
463
  <example service.version="1.1.3">(vsFTPd 1.1.3) host</example>
429
464
  <example service.version="2.0.5">(vsFTPd 2.0.5)</example>
465
+ <param pos="0" name="service.vendor" value="vsFTPd Project"/>
430
466
  <param pos="0" name="service.family" value="vsFTPd"/>
431
467
  <param pos="0" name="service.product" value="vsFTPd"/>
432
468
  <param pos="1" name="service.version"/>
469
+ <param pos="0" name="service.cpe23" value="cpe:/a:vsftpd_project:vsftpd:{service.version}"/>
433
470
  <param pos="2" name="host.name"/>
434
471
  </fingerprint>
435
472
 
436
473
  <fingerprint pattern="^ready, dude \(vsFTPd (\d+\..+): beat me, break me\)$">
437
474
  <description>vsFTPd (Very Secure FTP Daemon) - break me variant</description>
438
475
  <example service.version="1.1.0">ready, dude (vsFTPd 1.1.0: beat me, break me)</example>
476
+ <param pos="0" name="service.vendor" value="vsFTPd Project"/>
439
477
  <param pos="0" name="service.family" value="vsFTPd"/>
440
478
  <param pos="0" name="service.product" value="vsFTPd"/>
441
479
  <param pos="1" name="service.version"/>
480
+ <param pos="0" name="service.cpe23" value="cpe:/a:vsftpd_project:vsftpd:{service.version}"/>
442
481
  </fingerprint>
443
482
 
444
483
  <fingerprint pattern="^vsFTPd ([\d.]+\+ \(ext\.3\)) ready\.\.\.$">
445
484
  <description>vsFTPd (Very Secure FTP Daemon) extended build (vsftpd.devnet.ru)</description>
446
485
  <example service.version="2.0.4+ (ext.3)">vsFTPd 2.0.4+ (ext.3) ready...</example>
486
+ <param pos="0" name="service.vendor" value="vsFTPd Project"/>
447
487
  <param pos="0" name="service.family" value="vsFTPd"/>
448
488
  <param pos="0" name="service.product" value="vsFTPd Extended"/>
449
489
  <param pos="1" name="service.version"/>
@@ -453,8 +493,10 @@ more text
453
493
  <description>vsFTPd (Very Secure FTP Daemon) error message</description>
454
494
  <example>OOPS: vsftpd: root is not mounted.</example>
455
495
  <example>OOPS: cannot read user list file:/etc/vsftpd.user_list</example>
496
+ <param pos="0" name="service.vendor" value="vsFTPd Project"/>
456
497
  <param pos="0" name="service.family" value="vsFTPd"/>
457
498
  <param pos="0" name="service.product" value="vsFTPd"/>
499
+ <param pos="0" name="service.cpe23" value="cpe:/a:vsftpd_project:vsftpd:-"/>
458
500
  </fingerprint>
459
501
 
460
502
  <fingerprint pattern="^FileZilla Server(?: version)? (?:v)?(\d\.[\w.]+(?: beta)?).*$">
@@ -463,9 +505,14 @@ more text
463
505
  <example service.version="0.9.13a beta">FileZilla Server version 0.9.13a beta</example>
464
506
  <example service.version="0.9.54 beta">FileZilla Server 0.9.54 beta</example>
465
507
  <example service.version="0.9.33 beta">FileZilla Server v0.9.33 beta</example>
508
+ <param pos="0" name="service.vendor" value="Filezilla-Project"/>
466
509
  <param pos="0" name="service.family" value="FileZilla FTP Server"/>
467
510
  <param pos="0" name="service.product" value="FileZilla FTP Server"/>
468
511
  <param pos="1" name="service.version"/>
512
+ <param pos="0" name="os.vendor" value="Microsoft"/>
513
+ <param pos="0" name="os.family" value="Windows"/>
514
+ <param pos="0" name="os.product" value="Windows"/>
515
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
469
516
  </fingerprint>
470
517
 
471
518
  <fingerprint pattern="^\s*APC FTP server ready\.$">
@@ -793,6 +793,7 @@
793
793
  <param pos="0" name="service.vendor" value="LiteSpeed Technologies"/>
794
794
  <param pos="0" name="service.product" value="LiteSpeed Web Server"/>
795
795
  <param pos="1" name="service.version"/>
796
+ <param pos="0" name="service.cpe23" value="cpe:/a:litespeedtech:litespeed_web_server:{service.version}"/>
796
797
  </fingerprint>
797
798
 
798
799
  <fingerprint pattern="^IdeaWebServer\/v?([\d.]+)$">
@@ -828,8 +829,9 @@
828
829
  <example service.version="15.1.6.31">Serv-U/15.1.6.31</example>
829
830
  <param pos="0" name="service.vendor" value="SolarWinds"/>
830
831
  <param pos="0" name="service.family" value="Serv-U"/>
831
- <param pos="0" name="service.product" value="FTP Server"/>
832
+ <param pos="0" name="service.product" value="Serv-U FTP Server"/>
832
833
  <param pos="1" name="service.version"/>
834
+ <param pos="0" name="service.cpe23" value="cpe:/a:solarwinds:serv-u_ftp_server:{service.version}"/>
833
835
  </fingerprint>
834
836
 
835
837
  <fingerprint pattern="^Wing FTP Server/([\d.]+)\([^)]*\)$">
@@ -1151,18 +1153,29 @@
1151
1153
  <fingerprint pattern="^Sun GlassFish Enterprise Server v(\S+)$">
1152
1154
  <description>Glassfish with version information</description>
1153
1155
  <example service.version="2.1">Sun GlassFish Enterprise Server v2.1</example>
1154
- <param pos="0" name="service.vendor" value="Sun"/>
1156
+ <param pos="0" name="service.vendor" value="Oracle"/>
1155
1157
  <param pos="0" name="service.product" value="GlassFish Server"/>
1156
1158
  <param pos="1" name="service.version"/>
1159
+ <param pos="0" name="service.cpe23" value="cpe:/a:oracle:glassfish_server:{service.version}"/>
1157
1160
  </fingerprint>
1158
1161
 
1159
1162
  <fingerprint pattern="^GlassFish Server Open Source Edition\s+(\S+)$">
1160
1163
  <description>Glassfish Open Source Edition with version information</description>
1161
1164
  <example service.version="4.1.2">GlassFish Server Open Source Edition 4.1.2</example>
1162
1165
  <example service.version="3.1.2.2">GlassFish Server Open Source Edition 3.1.2.2</example>
1163
- <param pos="0" name="service.vendor" value="Sun"/>
1166
+ <param pos="0" name="service.vendor" value="Oracle"/>
1167
+ <param pos="0" name="service.product" value="GlassFish Server"/>
1168
+ <param pos="1" name="service.version"/>
1169
+ <param pos="0" name="service.cpe23" value="cpe:/a:oracle:glassfish_server:{service.version}"/>
1170
+ </fingerprint>
1171
+
1172
+ <fingerprint pattern="^Oracle GlassFish Server ([\d.]+)$">
1173
+ <description>Oracle GlassFish Server</description>
1174
+ <example service.version="3.1.2.14">Oracle GlassFish Server 3.1.2.14</example>
1175
+ <param pos="0" name="service.vendor" value="Oracle"/>
1164
1176
  <param pos="0" name="service.product" value="GlassFish Server"/>
1165
1177
  <param pos="1" name="service.version"/>
1178
+ <param pos="0" name="service.cpe23" value="cpe:/a:oracle:glassfish_server:{service.version}"/>
1166
1179
  </fingerprint>
1167
1180
 
1168
1181
  <fingerprint pattern="^GlassFish$">
@@ -1343,9 +1356,11 @@
1343
1356
  <fingerprint pattern="^thttpd/(\d\.[\w.]+)-MX\s*.*$">
1344
1357
  <description>thttpd with SSL support</description>
1345
1358
  <example>thttpd/2.19-MX Jan 24 2006</example>
1359
+ <param pos="0" name="service.vendor" value="ACME"/>
1346
1360
  <param pos="0" name="service.product" value="thttpd"/>
1347
1361
  <param pos="0" name="service.family" value="thttpd"/>
1348
1362
  <param pos="1" name="service.version"/>
1363
+ <param pos="0" name="service.cpe23" value="cpe:/a:acme:thttpd:{service.version}"/>
1349
1364
  <param pos="0" name="thttpd.mx-patch" value="enabled"/>
1350
1365
  </fingerprint>
1351
1366
 
@@ -1367,9 +1382,11 @@
1367
1382
  <example>Lighttpd</example>
1368
1383
  <example service.version="1.4.16">lighttpd/1.4.16</example>
1369
1384
  <example>lighttpd/1.3.7 (Mar 23 2007/16:00:15)</example>
1385
+ <param pos="0" name="service.vendor" value="lighttpd"/>
1370
1386
  <param pos="0" name="service.product" value="lighttpd"/>
1371
1387
  <param pos="0" name="service.family" value="lighttpd"/>
1372
1388
  <param pos="1" name="service.version"/>
1389
+ <param pos="0" name="service.cpe23" value="cpe:/a:lighttpd:lighttpd:{service.version}"/>
1373
1390
  </fingerprint>
1374
1391
 
1375
1392
  <fingerprint pattern="^nginx$">
@@ -1596,6 +1613,18 @@
1596
1613
  <param pos="0" name="service.component.cpe23" value="cpe:/a:sap:netweaver_application_server:-"/>
1597
1614
  </fingerprint>
1598
1615
 
1616
+ <fingerprint pattern="^SAP J2EE Engine$">
1617
+ <description>SAP NetWeaver Application Server Java - without version</description>
1618
+ <example>SAP J2EE Engine</example>
1619
+ <param pos="0" name="service.vendor" value="SAP"/>
1620
+ <param pos="0" name="service.product" value="NetWeaver Application Server Java"/>
1621
+ <param pos="0" name="service.family" value="NetWeaver"/>
1622
+ <param pos="0" name="service.cpe23" value="cpe:/a:sap:netweaver_application_server_java:-"/>
1623
+ <param pos="0" name="service.component.vendor" value="SAP"/>
1624
+ <param pos="0" name="service.component.product" value="NetWeaver Application Server"/>
1625
+ <param pos="0" name="service.component.cpe23" value="cpe:/a:sap:netweaver_application_server:-"/>
1626
+ </fingerprint>
1627
+
1599
1628
  <fingerprint pattern="^SAP NetWeaver Application Server$">
1600
1629
  <description>SAP NetWeaver Application Server without version</description>
1601
1630
  <example>SAP NetWeaver Application Server</example>
@@ -2325,9 +2354,10 @@
2325
2354
  <fingerprint pattern="^GoAhead-(?:Webs|http)$">
2326
2355
  <description>GoAhead-Webs - no version</description>
2327
2356
  <example>GoAhead-Webs</example>
2328
- <param pos="0" name="service.vendor" value="Oracle"/>
2357
+ <param pos="0" name="service.vendor" value="EmbedThis"/>
2329
2358
  <param pos="0" name="service.product" value="GoAhead Webserver"/>
2330
2359
  <param pos="0" name="service.family" value="GoAhead Webserver"/>
2360
+ <param pos="0" name="service.cpe23" value="cpe:/a:embedthis:goahead:-"/>
2331
2361
  </fingerprint>
2332
2362
 
2333
2363
  <fingerprint pattern="(?i)^GoAhead(?:-Webs|-http)?\/([\d.]+)(?: PeerSec-MatrixSSL\/[\d.]+-OPEN)?$">
@@ -2430,10 +2460,11 @@
2430
2460
  <description>A small HTTP server</description>
2431
2461
  <example>mini_httpd/1.14 23jun2000</example>
2432
2462
  <example>mini_httpd/1 23jun2000</example>
2433
- <param pos="0" name="service.vendor" value="ACME Laboratories"/>
2463
+ <param pos="0" name="service.vendor" value="ACME"/>
2434
2464
  <param pos="0" name="service.product" value="mini_httpd"/>
2435
2465
  <param pos="0" name="service.family" value="mini_httpd"/>
2436
2466
  <param pos="1" name="service.version"/>
2467
+ <param pos="0" name="service.cpe23" value="cpe:/a:acme:mini_httpd:{service.version}"/>
2437
2468
  </fingerprint>
2438
2469
 
2439
2470
  <fingerprint pattern="^thin ((?:\d+\.)*\d+) codename .+$">
@@ -2594,8 +2625,10 @@
2594
2625
  <example service.version="0.93.15">Boa/0.93.15 (with Intersil Extensions)</example>
2595
2626
  <example service.version="0.92p">Boa/0.92p OS-9 Version</example>
2596
2627
  <example service.version="0.93.15">Boa/0.93.15</example>
2628
+ <param pos="0" name="service.vendor" value="Boa"/>
2597
2629
  <param pos="0" name="service.product" value="Boa"/>
2598
2630
  <param pos="1" name="service.version"/>
2631
+ <param pos="0" name="service.cpe23" value="cpe:/a:boa:boa:{service.version}"/>
2599
2632
  </fingerprint>
2600
2633
 
2601
2634
  <!-- HiSilicon is OEMd by a number of DVR manufacturers -->
@@ -2755,8 +2788,10 @@
2755
2788
  <fingerprint pattern="^gSOAP/([\d\.]+)$">
2756
2789
  <description>gSOAP</description>
2757
2790
  <example service.version="2.7">gSOAP/2.7</example>
2791
+ <param pos="0" name="service.vendor" value="Genivia"/>
2758
2792
  <param pos="0" name="service.product" value="gSOAP"/>
2759
2793
  <param pos="1" name="service.version"/>
2794
+ <param pos="0" name="service.cpe23" value="cpe:/a:genivia:gsoap:{service.version}"/>
2760
2795
  </fingerprint>
2761
2796
 
2762
2797
  <!-- Apple QuickTime streaming server -->
@@ -3870,4 +3905,15 @@
3870
3905
  <param pos="0" name="hw.device" value="Broadband router"/>
3871
3906
  </fingerprint>
3872
3907
 
3908
+ <fingerprint pattern="^IX Series IX21\d\d \(magellan-sec\) Software, Version ([^, ]+), (?:MAINTENANCE )?RELEASE SOFTWARE$">
3909
+ <description>NEC Univerge Router - enterprise class with VPN, UTM, etc</description>
3910
+ <example>IX Series IX2106 (magellan-sec) Software, Version 10.2.20, RELEASE SOFTWARE</example>
3911
+ <example>IX Series IX2105 (magellan-sec) Software, Version 9.6.12A, MAINTENANCE RELEASE SOFTWARE</example>
3912
+ <param pos="0" name="hw.vendor" value="NEC"/>
3913
+ <param pos="0" name="hw.product" value="Univerge"/>
3914
+ <param pos="1" name="hw.version"/>
3915
+ <param pos="0" name="hw.device" value="Router"/>
3916
+ <param pos="0" name="hw.cpe23" value="cpe:/h:nec:univerge:{hw.version}"/>
3917
+ </fingerprint>
3918
+
3873
3919
  </fingerprints>
@@ -113,8 +113,10 @@
113
113
  <description>Dovecot Secure IMAP Server</description>
114
114
  <example>Dovecot ready.</example>
115
115
  <example>Dovecot DA ready.</example>
116
+ <param pos="0" name="service.vendor" value="Dovecot"/>
116
117
  <param pos="0" name="service.family" value="Dovecot"/>
117
118
  <param pos="0" name="service.product" value="Dovecot"/>
119
+ <param pos="0" name="service.cpe23" value="cpe:/a:dovecot:dovecot:-"/>
118
120
  </fingerprint>
119
121
 
120
122
  <fingerprint pattern="^Courier-IMAP ready. Copyright \d+-\d+">
@@ -163,6 +165,7 @@
163
165
  <param pos="0" name="service.family" value="Cyrus MTA"/>
164
166
  <param pos="0" name="service.product" value="Cyrus IMAP"/>
165
167
  <param pos="2" name="service.version"/>
168
+ <param pos="0" name="service.cpe23" value="cpe:/a:cmu:cyrus_imap_server:{service.version}"/>
166
169
  <param pos="0" name="os.vendor" value="Apple"/>
167
170
  <param pos="0" name="os.family" value="Mac OS X"/>
168
171
  <param pos="0" name="os.product" value="Mac OS X"/>
@@ -179,6 +182,7 @@
179
182
  <param pos="0" name="service.family" value="Cyrus MTA"/>
180
183
  <param pos="0" name="service.product" value="Cyrus IMAP"/>
181
184
  <param pos="2" name="service.version"/>
185
+ <param pos="0" name="service.cpe23" value="cpe:/a:cmu:cyrus_imap_server:{service.version}"/>
182
186
  <param pos="1" name="host.name"/>
183
187
  </fingerprint>
184
188
 
@@ -180,8 +180,10 @@
180
180
 
181
181
  <fingerprint pattern="^[dD]ovecot (?:DA )?ready\.(?: &lt;.+@(.+)&gt;)?$">
182
182
  <description>Dovecot Secure POP Server</description>
183
+ <param pos="0" name="service.vendor" value="Dovecot"/>
183
184
  <param pos="0" name="service.family" value="Dovecot"/>
184
185
  <param pos="0" name="service.product" value="Dovecot"/>
186
+ <param pos="0" name="service.cpe23" value="cpe:/a:dovecot:dovecot:-"/>
185
187
  <param pos="1" name="host.name"/>
186
188
  </fingerprint>
187
189
 
@@ -861,6 +861,7 @@
861
861
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
862
862
  <param pos="1" name="host.name"/>
863
863
  <param pos="2" name="service.version"/>
864
+ <param pos="0" name="service.cpe23" value="cpe:/a:ibm:lotus_domino:{service.version}"/>
864
865
  <param pos="3" name="system.time"/>
865
866
  </fingerprint>
866
867
 
@@ -940,11 +941,13 @@
940
941
 
941
942
  <fingerprint pattern="^([^ ]+) Postfix \(Postfix-([^ ]+)-([^ ]+)\) \(([^ ]+)\) *$">
942
943
  <description>Postfix - version + build, followed by os</description>
944
+ <param pos="0" name="service.vendor" value="Postfix"/>
943
945
  <param pos="0" name="service.family" value="Postfix"/>
944
946
  <param pos="0" name="service.product" value="Postfix"/>
945
947
  <param pos="1" name="host.name"/>
946
948
  <param pos="2" name="service.version"/>
947
949
  <param pos="3" name="service.version.version"/>
950
+ <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:{service.version}"/>
948
951
  <param pos="4" name="postfix.os.info"/>
949
952
  </fingerprint>
950
953
 
@@ -952,27 +955,33 @@
952
955
  <description>Postfix - Std semantic versioning, w/ optional parens</description>
953
956
  <example service.version="3.1.4">foo.bar ESMTP Postfix (3.1.4)</example>
954
957
  <example service.version="2.7.1">foo.bar ESMTP Postfix 2.7.1</example>
958
+ <param pos="0" name="service.vendor" value="Postfix"/>
955
959
  <param pos="0" name="service.family" value="Postfix"/>
956
960
  <param pos="0" name="service.product" value="Postfix"/>
957
961
  <param pos="1" name="host.name"/>
958
962
  <param pos="2" name="service.version"/>
963
+ <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:{service.version}"/>
959
964
  </fingerprint>
960
965
 
961
966
  <fingerprint pattern="^([^ ]+) ESMTP Postfix \((?:Postfix-)?([\d.]+)-([^ ]+)\)$">
962
967
  <description>Postfix - version + build</description>
963
968
  <example service.version="2.8" service.version.version="20100306">foo.bar ESMTP Postfix (2.8-20100306)</example>
969
+ <param pos="0" name="service.vendor" value="Postfix"/>
964
970
  <param pos="0" name="service.family" value="Postfix"/>
965
971
  <param pos="0" name="service.product" value="Postfix"/>
966
972
  <param pos="1" name="host.name"/>
967
973
  <param pos="2" name="service.version"/>
968
974
  <param pos="3" name="service.version.version"/>
975
+ <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:{service.version}"/>
969
976
  </fingerprint>
970
977
 
971
978
  <fingerprint pattern="^([^ ]+) +E?SMTP Postfix \(Ubuntu\)$">
972
979
  <description>Postfix - Ubuntu</description>
973
980
  <example>foo.bar ESMTP Postfix (Ubuntu)</example>
981
+ <param pos="0" name="service.vendor" value="Postfix"/>
974
982
  <param pos="0" name="service.family" value="Postfix"/>
975
983
  <param pos="0" name="service.product" value="Postfix"/>
984
+ <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
976
985
  <param pos="1" name="host.name"/>
977
986
  <param pos="0" name="os.vendor" value="Ubuntu"/>
978
987
  <param pos="0" name="os.family" value="Linux"/>
@@ -984,8 +993,10 @@
984
993
  <description>Postfix - Ubuntu, Mail-in-a-Box package</description>
985
994
  <example>foo.bar ESMTP Hi, I'm a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/)</example>
986
995
  <example>foo.bar Hi, I'm a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/)</example>
996
+ <param pos="0" name="service.vendor" value="Postfix"/>
987
997
  <param pos="0" name="service.family" value="Postfix"/>
988
998
  <param pos="0" name="service.product" value="Postfix"/>
999
+ <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
989
1000
  <param pos="1" name="host.name"/>
990
1001
  <param pos="0" name="os.vendor" value="Ubuntu"/>
991
1002
  <param pos="0" name="os.family" value="Linux"/>
@@ -996,8 +1007,10 @@
996
1007
  <fingerprint pattern="^([^ ]+) +E?SMTP Postfix \(Debian/GNU\)$">
997
1008
  <description>Postfix - Debian</description>
998
1009
  <example>foo.bar ESMTP Postfix (Debian/GNU)</example>
1010
+ <param pos="0" name="service.vendor" value="Postfix"/>
999
1011
  <param pos="0" name="service.family" value="Postfix"/>
1000
1012
  <param pos="0" name="service.product" value="Postfix"/>
1013
+ <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
1001
1014
  <param pos="1" name="host.name"/>
1002
1015
  <param pos="0" name="os.vendor" value="Debian"/>
1003
1016
  <param pos="0" name="os.family" value="Linux"/>
@@ -1008,8 +1021,10 @@
1008
1021
  <fingerprint pattern="^([^ ]+) ESMTP.* Postfix *\(.+\) *$">
1009
1022
  <description>Postfix - generic banner with amusing comments in parentheses</description>
1010
1023
  <example>foo.bar ESMTP Postfix (lol)</example>
1024
+ <param pos="0" name="service.vendor" value="Postfix"/>
1011
1025
  <param pos="0" name="service.family" value="Postfix"/>
1012
1026
  <param pos="0" name="service.product" value="Postfix"/>
1027
+ <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
1013
1028
  <param pos="1" name="host.name"/>
1014
1029
  </fingerprint>
1015
1030
 
@@ -1017,23 +1032,29 @@
1017
1032
  <description>Postfix - generic banner</description>
1018
1033
  <example>foo.bar ESMTP Postfix</example>
1019
1034
  <example>foo.bar SMTP Postfix</example>
1035
+ <param pos="0" name="service.vendor" value="Postfix"/>
1020
1036
  <param pos="0" name="service.family" value="Postfix"/>
1021
1037
  <param pos="0" name="service.product" value="Postfix"/>
1038
+ <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
1022
1039
  <param pos="1" name="host.name"/>
1023
1040
  </fingerprint>
1024
1041
 
1025
1042
  <fingerprint pattern="^ *ESMTP Postfix$">
1026
1043
  <description>Postfix - banner without hostname or version</description>
1027
1044
  <example>ESMTP Postfix</example>
1045
+ <param pos="0" name="service.vendor" value="Postfix"/>
1028
1046
  <param pos="0" name="service.family" value="Postfix"/>
1029
1047
  <param pos="0" name="service.product" value="Postfix"/>
1048
+ <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
1030
1049
  </fingerprint>
1031
1050
 
1032
1051
  <fingerprint pattern="^(?i)([^ ]+) POSTFIX$">
1033
1052
  <description>Postfix - generic w/o ESMTP</description>
1034
1053
  <example host.name="foo.bar">foo.bar Postfix</example>
1054
+ <param pos="0" name="service.vendor" value="Postfix"/>
1035
1055
  <param pos="0" name="service.family" value="Postfix"/>
1036
1056
  <param pos="0" name="service.product" value="Postfix"/>
1057
+ <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
1037
1058
  <param pos="1" name="host.name"/>
1038
1059
  </fingerprint>
1039
1060
 
@@ -1070,13 +1091,16 @@
1070
1091
  <fingerprint pattern="^Sendmail ESMTP ready$">
1071
1092
  <description>Sendmail - short banner w/o hostname, version, platform, or date.</description>
1072
1093
  <example>Sendmail ESMTP ready</example>
1094
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1073
1095
  <param pos="0" name="service.family" value="Sendmail"/>
1074
1096
  <param pos="0" name="service.product" value="Sendmail"/>
1097
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:-"/>
1075
1098
  </fingerprint>
1076
1099
 
1077
1100
  <fingerprint pattern="^([^ ]+) +ESMTP +Sendmail +([^ ]+) \(PHNE_([^ ]+)\) */ *(.+); *(.+) \(.+\)$">
1078
1101
  <description>Sendmail - HP-UX with a PHNE (HP Networking patch) installed</description>
1079
1102
  <example host.name="foo.bar" service.version="8.8.6" sendmail.config.version="8.7.1">foo.bar ESMTP Sendmail 8.8.6 (PHNE_14041)/8.7.1; Tue, 6 Feb 2001 10:04:32 -0300 (SAT)</example>
1103
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1080
1104
  <param pos="0" name="service.family" value="Sendmail"/>
1081
1105
  <param pos="0" name="service.product" value="Sendmail"/>
1082
1106
  <param pos="0" name="os.vendor" value="HP"/>
@@ -1086,6 +1110,7 @@
1086
1110
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1087
1111
  <param pos="1" name="host.name"/>
1088
1112
  <param pos="2" name="service.version"/>
1113
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1089
1114
  <param pos="3" name="sendmail.hpux.phne.version"/>
1090
1115
  <param pos="4" name="sendmail.config.version"/>
1091
1116
  <param pos="5" name="system.time"/>
@@ -1094,6 +1119,7 @@
1094
1119
  <fingerprint pattern="^(\S+) ESMTP Sendmail \S+ version ([\d\.]+) - Revision \S+ HP-UX([\d\.]+).*(\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ \w\w\w)$">
1095
1120
  <description>Sendmail - HP-UX</description>
1096
1121
  <example host.name="foo.bar" os.version="11.31" service.version="8.13.3">foo.bar ESMTP Sendmail @(#)Sendmail version 8.13.3 - Revision 1.004:: HP-UX11.31 - 03rd February,2010/8.11.1; Wed, 20 May 2015 23:35:38 GMT</example>
1122
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1097
1123
  <param pos="0" name="service.family" value="Sendmail"/>
1098
1124
  <param pos="0" name="service.product" value="Sendmail"/>
1099
1125
  <param pos="0" name="os.vendor" value="HP"/>
@@ -1104,12 +1130,14 @@
1104
1130
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss z"/>
1105
1131
  <param pos="1" name="host.name"/>
1106
1132
  <param pos="2" name="service.version"/>
1133
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1107
1134
  <param pos="4" name="system.time"/>
1108
1135
  </fingerprint>
1109
1136
 
1110
1137
  <fingerprint pattern="^([^ ]+) +ESMTP +Sendmail +([^ ]+)/UW([^ ]+) ready at *(.+) \(.+\) *$">
1111
1138
  <description>Sendmail - Unixware</description>
1112
1139
  <example service.version="8.8.7">foo.bar ESMTP Sendmail 8.8.7/UW7.1.0 ready at Tue, 6 Feb 2001 16:39:30 -0300 (GMT-0300)</example>
1140
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1113
1141
  <param pos="0" name="service.family" value="Sendmail"/>
1114
1142
  <param pos="0" name="service.product" value="Sendmail"/>
1115
1143
  <param pos="0" name="os.vendor" value="SCO"/>
@@ -1118,6 +1146,7 @@
1118
1146
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1119
1147
  <param pos="1" name="host.name"/>
1120
1148
  <param pos="2" name="service.version"/>
1149
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1121
1150
  <param pos="3" name="os.version"/>
1122
1151
  <param pos="4" name="system.time"/>
1123
1152
  </fingerprint>
@@ -1125,6 +1154,7 @@
1125
1154
  <fingerprint pattern="^([^ ]+) ESMTP Sendmail AIX([^/]+)/UCB ([^;]+); (.+) \(.+\)$">
1126
1155
  <description>Sendmail - AIX (UCB variant)</description>
1127
1156
  <example os.version="4.2" service.version="8.7">foo.bar ESMTP Sendmail AIX4.2/UCB 8.7; Sun, 29 Jul 2001 22:34:37 -0400 (EDT)</example>
1157
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1128
1158
  <param pos="0" name="service.family" value="Sendmail"/>
1129
1159
  <param pos="0" name="service.product" value="Sendmail"/>
1130
1160
  <param pos="0" name="os.vendor" value="IBM"/>
@@ -1135,12 +1165,14 @@
1135
1165
  <param pos="2" name="os.version"/>
1136
1166
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:{os.version}"/>
1137
1167
  <param pos="3" name="service.version"/>
1168
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1138
1169
  <param pos="4" name="system.time"/>
1139
1170
  </fingerprint>
1140
1171
 
1141
1172
  <fingerprint pattern="^([^ ]+) Sendmail AIX([^/]+)/UCB ([^/]+)/([^ ]+) ready at (.+)$">
1142
1173
  <description>Sendmail - AIX (UCB/ready at variant)</description>
1143
1174
  <example>foo.bar Sendmail AIX 4.1/UCB 5.64/4.03 ready at Mon, 30 Jul 2001 00:42:21 -0500</example>
1175
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1144
1176
  <param pos="0" name="service.family" value="Sendmail"/>
1145
1177
  <param pos="0" name="service.product" value="Sendmail"/>
1146
1178
  <param pos="0" name="os.vendor" value="IBM"/>
@@ -1151,6 +1183,7 @@
1151
1183
  <param pos="2" name="os.version"/>
1152
1184
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:{os.version}"/>
1153
1185
  <param pos="3" name="service.version"/>
1186
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1154
1187
  <param pos="4" name="sendmail.config.version"/>
1155
1188
  <param pos="5" name="system.time"/>
1156
1189
  </fingerprint>
@@ -1159,6 +1192,7 @@
1159
1192
  <description>Sendmail - AIX</description>
1160
1193
  <example host.name="foo.bar" os.version="4.2" service.version="8.7" sendmail.config.version="8.8">foo.bar ESMTP Sendmail AIX4.2/8.7/8.8; Sun, 29 Jul 2001 22:34:37 -0400 (EDT)</example>
1161
1194
  <example host.name="foo.bar" os.version="5.1" service.version="8.11.6p2" sendmail.config.version="8.11.0">foo.bar ESMTP Sendmail AIX5.1/8.11.6p2/8.11.0; Fri, 28 Aug 1970 19:42:05 -0800</example>
1195
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1162
1196
  <param pos="0" name="service.family" value="Sendmail"/>
1163
1197
  <param pos="0" name="service.product" value="Sendmail"/>
1164
1198
  <param pos="0" name="os.vendor" value="IBM"/>
@@ -1169,6 +1203,7 @@
1169
1203
  <param pos="2" name="os.version"/>
1170
1204
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:{os.version}"/>
1171
1205
  <param pos="3" name="service.version"/>
1206
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1172
1207
  <param pos="4" name="sendmail.config.version"/>
1173
1208
  <param pos="5" name="system.time"/>
1174
1209
  </fingerprint>
@@ -1176,6 +1211,7 @@
1176
1211
  <fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^/]+)/([^/]+)/SuSE Linux ([^;]+); (.+)$">
1177
1212
  <description>Sendmail - SuSE Linux</description>
1178
1213
  <example>foo.bar ESMTP Sendmail 8.9.3/8.9.3/SuSE Linux 8.9.3-0.1; Mon, 30 Jul 2001 04:48:54 +0200</example>
1214
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1179
1215
  <param pos="0" name="service.family" value="Sendmail"/>
1180
1216
  <param pos="0" name="service.product" value="Sendmail"/>
1181
1217
  <param pos="0" name="os.vendor" value="SuSE"/>
@@ -1185,6 +1221,7 @@
1185
1221
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1186
1222
  <param pos="1" name="host.name"/>
1187
1223
  <param pos="2" name="service.version"/>
1224
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1188
1225
  <param pos="3" name="sendmail.config.version"/>
1189
1226
  <param pos="4" name="sendmail.vendor.version"/>
1190
1227
  <param pos="5" name="system.time"/>
@@ -1193,6 +1230,7 @@
1193
1230
  <fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^ ]+)\+Sun/([^ ]+); (.+)$">
1194
1231
  <description>Sendmail - Solaris with date (no time offeset variant)</description>
1195
1232
  <example>foo.bar ESMTP Sendmail 8.9.3+Sun/8.9.1; Mon, 30 Jul 2001 02:50:22 GMT</example>
1233
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1196
1234
  <param pos="0" name="service.family" value="Sendmail"/>
1197
1235
  <param pos="0" name="service.product" value="Sendmail"/>
1198
1236
  <param pos="0" name="os.vendor" value="Sun"/>
@@ -1202,6 +1240,7 @@
1202
1240
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss zzz"/>
1203
1241
  <param pos="1" name="host.name"/>
1204
1242
  <param pos="2" name="service.version"/>
1243
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1205
1244
  <param pos="3" name="sendmail.config.version"/>
1206
1245
  <param pos="4" name="system.time"/>
1207
1246
  </fingerprint>
@@ -1209,6 +1248,7 @@
1209
1248
  <fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^ ]+)\+Sun/([^ ]+) ready at (.+) \(.+\)$">
1210
1249
  <description>Sendmail - Solaris with date (ready variant)</description>
1211
1250
  <example>foo.bar ESMTP Sendmail 8.8.8+Sun/8.6.4 ready at Thu, 15 Nov 2000 11:40:32 -0800 (PST)</example>
1251
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1212
1252
  <param pos="0" name="service.family" value="Sendmail"/>
1213
1253
  <param pos="0" name="service.product" value="Sendmail"/>
1214
1254
  <param pos="0" name="os.vendor" value="Sun"/>
@@ -1218,6 +1258,7 @@
1218
1258
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1219
1259
  <param pos="1" name="host.name"/>
1220
1260
  <param pos="2" name="service.version"/>
1261
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1221
1262
  <param pos="3" name="sendmail.config.version"/>
1222
1263
  <param pos="4" name="system.time"/>
1223
1264
  </fingerprint>
@@ -1226,6 +1267,7 @@
1226
1267
  <description>Sendmail - Debian</description>
1227
1268
  <example service.version="8.12.0.Beta7" sendmail.config.version="8.12.0.Beta7" sendmail.vendor.version="8.12.0.Beta7-1">foo.bar ESMTP Debian Sendmail 8.12.0.Beta7/8.12.0.Beta7/Debian 8.12.0.Beta7-1; Sun, 29 Jul 2001 18:52:20 -0800</example>
1228
1269
  <example service.version="8.11.0" sendmail.config.version="8.9.3" sendmail.vendor.version="8.9.3-21">foo.bar ESMTP Sendmail 8.11.0/8.9.3/Debian 8.9.3-21; Sun, 29 Jul 2001 19:51:00 -0700</example>
1270
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1229
1271
  <param pos="0" name="service.family" value="Sendmail"/>
1230
1272
  <param pos="0" name="service.product" value="Sendmail"/>
1231
1273
  <param pos="0" name="os.vendor" value="Debian"/>
@@ -1235,6 +1277,7 @@
1235
1277
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1236
1278
  <param pos="1" name="host.name"/>
1237
1279
  <param pos="2" name="service.version"/>
1280
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1238
1281
  <param pos="3" name="sendmail.config.version"/>
1239
1282
  <param pos="4" name="sendmail.vendor.version"/>
1240
1283
  <param pos="5" name="system.time"/>
@@ -1244,6 +1287,7 @@
1244
1287
  <description>Sendmail - Debian 7.x (wheezy)</description>
1245
1288
  <example service.version="8.14.4">foo.bar ESMTP Sendmail 8.14.4/8.14.4/Debian-4+wheezy1; Thu, 30 Nov 2017 10:33:05 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
1246
1289
  <example service.version="8.14.4">foo.bar ESMTP Sendmail 8.14.4/8.14.4/Debian-4+deb7u1; Thu, 30 Nov 2017 11:00:33 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
1290
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1247
1291
  <param pos="0" name="service.family" value="Sendmail"/>
1248
1292
  <param pos="0" name="service.product" value="Sendmail"/>
1249
1293
  <param pos="0" name="os.vendor" value="Debian"/>
@@ -1254,6 +1298,7 @@
1254
1298
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1255
1299
  <param pos="1" name="host.name"/>
1256
1300
  <param pos="2" name="service.version"/>
1301
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1257
1302
  <param pos="3" name="sendmail.config.version"/>
1258
1303
  <param pos="4" name="system.time"/>
1259
1304
  </fingerprint>
@@ -1261,6 +1306,7 @@
1261
1306
  <fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^/]+)/([^/]+)/Debian-\d\+deb8u\d; (.+); .*$">
1262
1307
  <description>Sendmail - Debian 8.x (jessie)</description>
1263
1308
  <example service.version="8.14.4">foo.bar ESMTP Sendmail 8.14.4/8.14.4/Debian-8+deb8u2; Thu, 30 Nov 2017 10:25:48 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
1309
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1264
1310
  <param pos="0" name="service.family" value="Sendmail"/>
1265
1311
  <param pos="0" name="service.product" value="Sendmail"/>
1266
1312
  <param pos="0" name="os.vendor" value="Debian"/>
@@ -1271,6 +1317,7 @@
1271
1317
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1272
1318
  <param pos="1" name="host.name"/>
1273
1319
  <param pos="2" name="service.version"/>
1320
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1274
1321
  <param pos="3" name="sendmail.config.version"/>
1275
1322
  <param pos="4" name="system.time"/>
1276
1323
  </fingerprint>
@@ -1278,6 +1325,7 @@
1278
1325
  <fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^/]+)/([^/]+)/Debian-\d\+lenny\d; (.+); .*$">
1279
1326
  <description>Sendmail - Debian 5.x (lenny)</description>
1280
1327
  <example service.version="8.14.3">foo.bar ESMTP Sendmail 8.14.3/8.14.3/Debian-5+lenny1; Thu, 30 Nov 2017 12:29:40 +0300; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
1328
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1281
1329
  <param pos="0" name="service.family" value="Sendmail"/>
1282
1330
  <param pos="0" name="service.product" value="Sendmail"/>
1283
1331
  <param pos="0" name="os.vendor" value="Debian"/>
@@ -1288,6 +1336,7 @@
1288
1336
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1289
1337
  <param pos="1" name="host.name"/>
1290
1338
  <param pos="2" name="service.version"/>
1339
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1291
1340
  <param pos="3" name="sendmail.config.version"/>
1292
1341
  <param pos="4" name="system.time"/>
1293
1342
  </fingerprint>
@@ -1295,6 +1344,7 @@
1295
1344
  <fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^/]+)/([^/]+)/Debian-\d\+etch\d; (.+); .*$">
1296
1345
  <description>Sendmail - Debian 4.x (etch)</description>
1297
1346
  <example service.version="8.13.8" sendmail.config.version="8.13.8">foo.bar ESMTP Sendmail 8.13.8/8.13.8/Debian-3+etch1; Thu, 30 Nov 2017 10:28:23 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
1347
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1298
1348
  <param pos="0" name="service.family" value="Sendmail"/>
1299
1349
  <param pos="0" name="service.product" value="Sendmail"/>
1300
1350
  <param pos="0" name="os.vendor" value="Debian"/>
@@ -1305,6 +1355,7 @@
1305
1355
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1306
1356
  <param pos="1" name="host.name"/>
1307
1357
  <param pos="2" name="service.version"/>
1358
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1308
1359
  <param pos="3" name="sendmail.config.version"/>
1309
1360
  <param pos="4" name="system.time"/>
1310
1361
  </fingerprint>
@@ -1312,6 +1363,7 @@
1312
1363
  <fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^/]+)/([^/]+)/Debian-\dsarge\d; (.+); .*$">
1313
1364
  <description>Sendmail - Debian 3.1 (sarge)</description>
1314
1365
  <example service.version="8.13.4">foo.bar ESMTP Sendmail 8.13.4/8.13.4/Debian-3sarge1; Thu, 30 Nov 2017 10:55:47 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
1366
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1315
1367
  <param pos="0" name="service.family" value="Sendmail"/>
1316
1368
  <param pos="0" name="service.product" value="Sendmail"/>
1317
1369
  <param pos="0" name="os.vendor" value="Debian"/>
@@ -1322,6 +1374,7 @@
1322
1374
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1323
1375
  <param pos="1" name="host.name"/>
1324
1376
  <param pos="2" name="service.version"/>
1377
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1325
1378
  <param pos="3" name="sendmail.config.version"/>
1326
1379
  <param pos="4" name="system.time"/>
1327
1380
  </fingerprint>
@@ -1331,6 +1384,7 @@
1331
1384
  <example service.version="8.15.2">foo.bar ESMTP Sendmail 8.15.2/8.15.2/Debian-3; Thu, 30 Nov 2017 10:55:50 +0200; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
1332
1385
  <example service.version="8.14.3">foo.bar ESMTP Sendmail 8.14.3/8.14.3/Debian-9.4; Thu, 30 Nov 2017 10:11:54 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
1333
1386
  <example service.version="8.14.2">foo.bar ESMTP Sendmail 8.14.2/8.14.2/Debian-2build1; Thu, 30 Nov 2017 04:09:50 -0600; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
1387
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1334
1388
  <param pos="0" name="service.family" value="Sendmail"/>
1335
1389
  <param pos="0" name="service.product" value="Sendmail"/>
1336
1390
  <param pos="0" name="os.vendor" value="Debian"/>
@@ -1340,6 +1394,7 @@
1340
1394
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1341
1395
  <param pos="1" name="host.name"/>
1342
1396
  <param pos="2" name="service.version"/>
1397
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1343
1398
  <param pos="3" name="sendmail.config.version"/>
1344
1399
  <param pos="4" name="system.time"/>
1345
1400
  </fingerprint>
@@ -1348,6 +1403,7 @@
1348
1403
  <description>Sendmail - Ubuntu</description>
1349
1404
  <example service.version="8.13.5.20060308">foo.bar ESMTP Sendmail 8.13.5.20060308/8.13.5/Debian-3ubuntu1.1; Fri, 24 Jul 2009 01:41:21 -0700; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
1350
1405
  <example service.version="8.14.4">foo.bar ESMTP Sendmail 8.14.4/8.14.4/Debian-4.1ubuntu1; Thu, 30 Nov 2017 11:00:30 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
1406
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1351
1407
  <param pos="0" name="service.family" value="Sendmail"/>
1352
1408
  <param pos="0" name="service.product" value="Sendmail"/>
1353
1409
  <param pos="0" name="os.vendor" value="Ubuntu"/>
@@ -1357,12 +1413,14 @@
1357
1413
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1358
1414
  <param pos="1" name="host.name"/>
1359
1415
  <param pos="2" name="service.version"/>
1416
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1360
1417
  <param pos="3" name="system.time"/>
1361
1418
  </fingerprint>
1362
1419
 
1363
1420
  <fingerprint pattern="^([^ ]+) (?:E?SMTP )?Sendmail SMI-([^/]+)/(SMI-SVR4) ready at (.+)$">
1364
1421
  <description>Sendmail - Solaris (SMI variant)</description>
1365
1422
  <example>foo.bar Sendmail SMI-8.6/SMI-SVR4 ready at Sun, 29 Jul 2001 22:58:46 -0400</example>
1423
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1366
1424
  <param pos="0" name="service.family" value="Sendmail"/>
1367
1425
  <param pos="0" name="service.product" value="Sendmail"/>
1368
1426
  <param pos="0" name="os.vendor" value="Sun"/>
@@ -1372,6 +1430,7 @@
1372
1430
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1373
1431
  <param pos="1" name="host.name"/>
1374
1432
  <param pos="2" name="service.version"/>
1433
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1375
1434
  <param pos="3" name="sendmail.config.version"/>
1376
1435
  <param pos="4" name="system.time"/>
1377
1436
  </fingerprint>
@@ -1379,6 +1438,7 @@
1379
1438
  <fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^ ]+)/(linuxconf); (.+)$">
1380
1439
  <description>Sendmail - unknown platform (linuxconf variant)</description>
1381
1440
  <example>foo.bar ESMTP Sendmail 8.9.3/linuxconf; Sun, 29 Jul 2001 22:48:28 -0400</example>
1441
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1382
1442
  <param pos="0" name="service.family" value="Sendmail"/>
1383
1443
  <param pos="0" name="service.product" value="Sendmail"/>
1384
1444
  <param pos="0" name="os.family" value="Linux"/>
@@ -1386,6 +1446,7 @@
1386
1446
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1387
1447
  <param pos="1" name="host.name"/>
1388
1448
  <param pos="2" name="service.version"/>
1449
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1389
1450
  <param pos="3" name="sendmail.config.version"/>
1390
1451
  <param pos="4" name="system.time"/>
1391
1452
  </fingerprint>
@@ -1417,10 +1478,12 @@
1417
1478
  <example host.name="foo.bar" service.version="8.8.8" sendmail.config.version="8.8.9">foo.bar ESMTP blah Sendmail 8.8.8/8.8.9; Wed, 21 Nov 2001 23:39:07 +0100 (CET)</example>
1418
1479
  <example host.name="foo.bar" service.version="8.10.2" sendmail.config.version="8.10.3">foo.bar ESMTP Sendmail 8.10.2/8.10.3; Mon, 10 Sep 2001 08:37:14 -0400</example>
1419
1480
  <example host.name="foo.bar" service.version="8.13.8" sendmail.config.version="8.13.9">foo.bar ESMTP foo-MTA Sendmail 8.13.8/8.13.9; Mon, 18 Apr 2011 08:52:38 -0700</example>
1481
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1420
1482
  <param pos="0" name="service.product" value="Sendmail"/>
1421
1483
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1422
1484
  <param pos="1" name="host.name"/>
1423
1485
  <param pos="2" name="service.version"/>
1486
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1424
1487
  <param pos="3" name="sendmail.config.version"/>
1425
1488
  <param pos="4" name="system.time"/>
1426
1489
  </fingerprint>
@@ -1428,10 +1491,12 @@
1428
1491
  <fingerprint pattern="^([^ ]+) +ESMTP .*Sendmail +([^/ ]+) */ *([^/ ]+); *(\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ \w+)\.?$">
1429
1492
  <description>Sendmail - with timezone and timestamp, w/o timezone offset or OS</description>
1430
1493
  <example host.name="foo.bar" service.version="8.14.4" sendmail.config.version="8.14.4" system.time="Thu, 5 Apr 2018 19:30:58 GMT">foo.bar ESMTP Sendmail 8.14.4/8.14.4; Thu, 5 Apr 2018 19:30:58 GMT</example>
1494
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1431
1495
  <param pos="0" name="service.product" value="Sendmail"/>
1432
1496
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss z"/>
1433
1497
  <param pos="1" name="host.name"/>
1434
1498
  <param pos="2" name="service.version"/>
1499
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1435
1500
  <param pos="3" name="sendmail.config.version"/>
1436
1501
  <param pos="4" name="system.time"/>
1437
1502
  </fingerprint>
@@ -1439,33 +1504,39 @@
1439
1504
  <fingerprint pattern="^([^ ]+) +ESMTP +Sendmail ([^ ]+) ready at *(\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ [-+]\d\d\d\d)(?: \(.+\))$">
1440
1505
  <description>Sendmail - with version and date (optional timezone), w/o config version</description>
1441
1506
  <example host.name="foo.bar" service.version="8.8.8" system.time="Tue, 6 Feb 2001 14:37:14 +0100">foo.bar ESMTP Sendmail 8.8.8 ready at Tue, 6 Feb 2001 14:37:14 +0100 (CET)</example>
1507
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1442
1508
  <param pos="0" name="service.family" value="Sendmail"/>
1443
1509
  <param pos="0" name="service.product" value="Sendmail"/>
1444
1510
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1445
1511
  <param pos="1" name="host.name"/>
1446
1512
  <param pos="2" name="service.version"/>
1513
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1447
1514
  <param pos="3" name="system.time"/>
1448
1515
  </fingerprint>
1449
1516
 
1450
1517
  <fingerprint pattern="^([^ ]+) +ESMTP +Sendmail ([^ /]+) - \([^\)]+\)/[^ ]+;? *(\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ [-+]\d\d\d\d)(?: \(.+\)) *$">
1451
1518
  <description>Sendmail - revision variant 1</description>
1452
1519
  <example>foo.foo.bar ESMTP Sendmail 8.11.1 - (Revision 1.010)/8.9.3; Sat, 22 Jan 2011 10:08:35 -0500 (EST)</example>
1520
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1453
1521
  <param pos="0" name="service.family" value="Sendmail"/>
1454
1522
  <param pos="0" name="service.product" value="Sendmail"/>
1455
1523
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1456
1524
  <param pos="1" name="host.name"/>
1457
1525
  <param pos="2" name="service.version"/>
1526
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1458
1527
  <param pos="3" name="system.time"/>
1459
1528
  </fingerprint>
1460
1529
 
1461
1530
  <fingerprint pattern="^([^ ]+) +ESMTP +Sendmail +(?:[^ ]+) +version +([^ ]+) +- +(?:[^;]+); *(\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ [-+]\d\d\d\d)(?: \(.+\)) *$">
1462
1531
  <description>Sendmail - revision variant 2</description>
1463
1532
  <example>foo.foo.bar ESMTP Sendmail @(#)Sendmail version 8.13.3 - Revision 2.007 - 8 December 2008/8.8.6; Wed, 21 Jul 2010 11:17:01 -0400 (EDT)</example>
1533
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1464
1534
  <param pos="0" name="service.family" value="Sendmail"/>
1465
1535
  <param pos="0" name="service.product" value="Sendmail"/>
1466
1536
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1467
1537
  <param pos="1" name="host.name"/>
1468
1538
  <param pos="2" name="service.version"/>
1539
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1469
1540
  <param pos="3" name="system.time"/>
1470
1541
  </fingerprint>
1471
1542
 
@@ -1480,8 +1551,10 @@
1480
1551
  <example host.name="foo.bar">foo.bar ESMTP Sendmail ready. </example>
1481
1552
  <example host.name="foo.bar">foo.bar ESMTP Sendmail</example>
1482
1553
  <example host.name="foo.bar">foo.bar Sendmail ready. </example>
1554
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1483
1555
  <param pos="0" name="service.family" value="Sendmail"/>
1484
1556
  <param pos="0" name="service.product" value="Sendmail"/>
1557
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:-"/>
1485
1558
  <param pos="1" name="host.name"/>
1486
1559
  <param pos="2" name="system.time"/>
1487
1560
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
@@ -1490,10 +1563,12 @@
1490
1563
  <fingerprint pattern="^ESMTP Sendmail +([^/ ]+) */ *([^/ ]+); (\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ [-+]\d\d\d\d)$">
1491
1564
  <description>Sendmail - with version and date, w/o hostname or platform (semicolon variant)</description>
1492
1565
  <example service.version="8.13.1" sendmail.config.version="8.13.1" system.time="Thu, 30 Nov 2017 01:58:22 -0700">ESMTP Sendmail 8.13.1/8.13.1; Thu, 30 Nov 2017 01:58:22 -0700</example>
1566
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1493
1567
  <param pos="0" name="service.family" value="Sendmail"/>
1494
1568
  <param pos="0" name="service.product" value="Sendmail"/>
1495
1569
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1496
1570
  <param pos="1" name="service.version"/>
1571
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1497
1572
  <param pos="2" name="sendmail.config.version"/>
1498
1573
  <param pos="3" name="system.time"/>
1499
1574
  </fingerprint>
@@ -1501,11 +1576,13 @@
1501
1576
  <fingerprint pattern="^([^ ]+) +ESMTP +Sendmail ([^ /]+) \([^\)]+\) *(.+) \(.+\)$">
1502
1577
  <description>Sendmail - unknown (date in version string variant)</description>
1503
1578
  <example>mail.foo.bar ESMTP Sendmail 8.11.1 (1.1.2.11/12Jul01-1016AM) Wed, 8 Jan 2003 11:21:22 +0100 (MET)</example>
1579
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1504
1580
  <param pos="0" name="service.family" value="Sendmail"/>
1505
1581
  <param pos="0" name="service.product" value="Sendmail"/>
1506
1582
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
1507
1583
  <param pos="1" name="host.name"/>
1508
1584
  <param pos="2" name="service.version"/>
1585
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1509
1586
  <param pos="3" name="system.time"/>
1510
1587
  </fingerprint>
1511
1588
 
@@ -1513,19 +1590,23 @@
1513
1590
 
1514
1591
  <fingerprint pattern="^([^ ]+) Sendmail ([^;]+); ([^;\.]+)$">
1515
1592
  <description>Sendmail - unknown platform, variant 1</description>
1593
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1516
1594
  <param pos="0" name="service.family" value="Sendmail"/>
1517
1595
  <param pos="0" name="service.product" value="Sendmail"/>
1518
1596
  <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss zzz"/>
1519
1597
  <param pos="1" name="host.name"/>
1520
1598
  <param pos="2" name="service.version"/>
1599
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1521
1600
  <param pos="3" name="system.time"/>
1522
1601
  </fingerprint>
1523
1602
 
1524
1603
  <fingerprint pattern="^Sendmail ([^/]+)/([^/]+) ready on ([^ ]+)$">
1525
1604
  <description>Sendmail - basic with version and date</description>
1605
+ <param pos="0" name="service.vendor" value="Sendmail"/>
1526
1606
  <param pos="0" name="service.family" value="Sendmail"/>
1527
1607
  <param pos="0" name="service.product" value="Sendmail"/>
1528
1608
  <param pos="1" name="service.version"/>
1609
+ <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
1529
1610
  <param pos="2" name="sendmail.config.version"/>
1530
1611
  <param pos="3" name="host.name"/>
1531
1612
  </fingerprint>
@@ -1751,11 +1832,12 @@
1751
1832
  <example host.name="foo.bar" service.version="5.3.1">foo.bar ESMTP CommuniGate Pro 5.3.1</example>
1752
1833
  <example host.name="foo.bar" service.version="6.2c3">foo.bar ESMTP CommuniGate Pro 6.2c3</example>
1753
1834
  <example host.name="foo.bar" service.version="4.3.12">foo.bar ESMTP CommuniGate Pro 4.3.12. It is you again :-(</example>
1754
- <param pos="0" name="service.vendor" value="Communigater"/>
1835
+ <param pos="0" name="service.vendor" value="Communigate"/>
1755
1836
  <param pos="0" name="service.family" value="Pro"/>
1756
- <param pos="0" name="service.product" value="ESMTP"/>
1837
+ <param pos="0" name="service.product" value="Communigate Pro"/>
1757
1838
  <param pos="1" name="host.name"/>
1758
1839
  <param pos="2" name="service.version"/>
1840
+ <param pos="0" name="service.cpe23" value="cpe:/a:communigate:communigate_pro:{service.version}"/>
1759
1841
  </fingerprint>
1760
1842
 
1761
1843
  <fingerprint pattern="^(\S+) NO UCE NO UBE NO RELAY PROBES ESMTP">
@@ -1962,8 +1962,10 @@
1962
1962
  <fingerprint pattern="^dropbear$">
1963
1963
  <description>Dropbear w/o version - http://matt.ucc.asn.au/dropbear/dropbear.html</description>
1964
1964
  <example>dropbear</example>
1965
+ <param pos="0" name="service.vendor" value="Dropbear SSH Project"/>
1965
1966
  <param pos="0" name="service.family" value="Dropbear"/>
1966
- <param pos="0" name="service.product" value="Dropbear"/>
1967
+ <param pos="0" name="service.product" value="Dropbear SSH"/>
1968
+ <param pos="0" name="service.cpe23" value="cpe:/a:dropbear_ssh_project:dropbear_ssh:-"/>
1967
1969
  </fingerprint>
1968
1970
 
1969
1971
  <fingerprint pattern="^dropbear_(.*)$">
@@ -1971,8 +1973,10 @@
1971
1973
  <example service.version="2015.67">dropbear_2015.67</example>
1972
1974
  <example service.version="0.49">dropbear_0.49</example>
1973
1975
  <param pos="1" name="service.version"/>
1976
+ <param pos="0" name="service.vendor" value="Dropbear SSH Project"/>
1974
1977
  <param pos="0" name="service.family" value="Dropbear"/>
1975
- <param pos="0" name="service.product" value="Dropbear"/>
1978
+ <param pos="0" name="service.product" value="Dropbear SSH"/>
1979
+ <param pos="0" name="service.cpe23" value="cpe:/a:dropbear_ssh_project:dropbear_ssh:{service.version}"/>
1976
1980
  </fingerprint>
1977
1981
 
1978
1982
  <fingerprint pattern="^lancom$">
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: recog
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.3.11
4
+ version: 2.3.12
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rapid7 Research
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-07-16 00:00:00.000000000 Z
11
+ date: 2020-07-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rspec