recog 2.3.17 → 2.3.21

Sign up to get free protection for your applications and to get access to all the features.
Files changed (51) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/ci.yml +26 -0
  3. data/bin/recog_standardize +6 -0
  4. data/cpe-remap.yaml +342 -200
  5. data/identifiers/README.md +24 -10
  6. data/identifiers/fields.txt +104 -0
  7. data/identifiers/hw_device.txt +2 -0
  8. data/identifiers/hw_family.txt +11 -0
  9. data/identifiers/hw_product.txt +71 -0
  10. data/identifiers/os_device.txt +2 -1
  11. data/identifiers/os_family.txt +2 -0
  12. data/identifiers/os_product.txt +36 -8
  13. data/identifiers/service_family.txt +10 -1
  14. data/identifiers/service_product.txt +78 -2
  15. data/identifiers/vendor.txt +55 -0
  16. data/lib/recog/nizer.rb +1 -82
  17. data/lib/recog/version.rb +1 -1
  18. data/requirements.txt +1 -1
  19. data/update_cpes.py +18 -5
  20. data/xml/apache_modules.xml +60 -0
  21. data/xml/apache_os.xml +1 -1
  22. data/xml/dns_versionbind.xml +11 -1
  23. data/xml/favicons.xml +122 -3
  24. data/xml/ftp_banners.xml +62 -51
  25. data/xml/html_title.xml +553 -41
  26. data/xml/http_cookies.xml +262 -61
  27. data/xml/http_servers.xml +478 -108
  28. data/xml/http_wwwauth.xml +36 -9
  29. data/xml/imap_banners.xml +5 -5
  30. data/xml/ldap_searchresult.xml +1 -0
  31. data/xml/mdns_device-info_txt.xml +340 -10
  32. data/xml/mysql_banners.xml +2 -1
  33. data/xml/nntp_banners.xml +1 -1
  34. data/xml/ntp_banners.xml +16 -2
  35. data/xml/operating_system.xml +4 -4
  36. data/xml/pop_banners.xml +4 -4
  37. data/xml/rtsp_servers.xml +7 -0
  38. data/xml/sip_banners.xml +347 -9
  39. data/xml/sip_user_agents.xml +323 -4
  40. data/xml/smb_native_lm.xml +32 -1
  41. data/xml/smb_native_os.xml +160 -33
  42. data/xml/smtp_banners.xml +167 -128
  43. data/xml/smtp_expn.xml +1 -0
  44. data/xml/smtp_vrfy.xml +1 -0
  45. data/xml/snmp_sysdescr.xml +205 -36
  46. data/xml/ssh_banners.xml +139 -25
  47. data/xml/telnet_banners.xml +92 -48
  48. data/xml/tls_jarm.xml +140 -0
  49. data/xml/x509_issuers.xml +201 -2
  50. data/xml/x509_subjects.xml +251 -32
  51. metadata +5 -2
data/xml/smtp_expn.xml CHANGED
@@ -78,6 +78,7 @@
78
78
  <param pos="0" name="service.vendor" value="Lotus"/>
79
79
  <param pos="0" name="service.family" value="Lotus Domino"/>
80
80
  <param pos="0" name="service.product" value="Lotus Domino"/>
81
+ <param pos="0" name="service.cpe23" value="cpe:/a:ibm:lotus_domino:-"/>
81
82
  </fingerprint>
82
83
 
83
84
  <fingerprint pattern="^550[ -]Unable to find list '.*'\.$">
data/xml/smtp_vrfy.xml CHANGED
@@ -95,6 +95,7 @@
95
95
  <param pos="0" name="service.vendor" value="Lotus"/>
96
96
  <param pos="0" name="service.family" value="Lotus Domino"/>
97
97
  <param pos="0" name="service.product" value="Lotus Domino"/>
98
+ <param pos="0" name="service.cpe23" value="cpe:/a:ibm:lotus_domino:-"/>
98
99
  </fingerprint>
99
100
 
100
101
  </fingerprints>
@@ -1039,7 +1039,9 @@
1039
1039
  <param pos="0" name="os.vendor" value="Brocade"/>
1040
1040
  <param pos="0" name="os.product" value="Fabric OS"/>
1041
1041
  <param pos="0" name="os.device" value="Switch"/>
1042
- <param pos="0" name="os.cpe23" value="cpe:/o:brocade:fabric_os:-"/>
1042
+ <param pos="0" name="os.cpe23" value="cpe:/o:broadcom:fabric_operating_system:-"/>
1043
+ <param pos="0" name="hw.vendor" value="Brocade"/>
1044
+ <param pos="0" name="hw.device" value="Switch"/>
1043
1045
  </fingerprint>
1044
1046
 
1045
1047
  <fingerprint pattern="^Brocade ((?:\S+ )?SAN Switch) Module for IBM eServer BladeCenter$">
@@ -1050,6 +1052,7 @@
1050
1052
  <param pos="0" name="os.vendor" value="Brocade"/>
1051
1053
  <param pos="0" name="os.device" value="Switch"/>
1052
1054
  <param pos="1" name="os.product"/>
1055
+ <param pos="0" name="hw.vendor" value="Brocade"/>
1053
1056
  </fingerprint>
1054
1057
 
1055
1058
  <fingerprint pattern="^Brocade (?:Communications? Systems, Inc\. )?([^,\(]+)(?: \([^\)]+\))?,(?: Extended route scalability,)? IronWare Version V?(\S+) .*$">
@@ -1079,6 +1082,47 @@
1079
1082
  <param pos="2" name="os.version"/>
1080
1083
  </fingerprint>
1081
1084
 
1085
+ <fingerprint pattern="^Brocade VDX Switch, BR-(\S+), Network Operating System Software Version (\S+)\.$">
1086
+ <description>Brocade VDX Switch</description>
1087
+ <example hw.product="VDX6740" os.version="7.0.2b">Brocade VDX Switch, BR-VDX6740, Network Operating System Software Version 7.0.2b.</example>
1088
+ <param pos="0" name="os.vendor" value="Brocade"/>
1089
+ <param pos="0" name="os.device" value="Switch"/>
1090
+ <param pos="0" name="os.family" value="NetworkOS"/>
1091
+ <param pos="2" name="os.version"/>
1092
+ <param pos="0" name="hw.vendor" value="Brocade"/>
1093
+ <param pos="0" name="hw.family" value="VDX"/>
1094
+ <param pos="1" name="hw.product"/>
1095
+ <param pos="0" name="hw.device" value="Switch"/>
1096
+ </fingerprint>
1097
+
1098
+ <fingerprint pattern="^([^,]{1,512}), (VDX\S+), Network Operating System Software Version (\S+)\.$">
1099
+ <description>Brocade VDX Switch w/Hostname</description>
1100
+ <example host.name="core02" hw.product="VDX6740T-1G" os.version="7.0.1b">core02, VDX6740T-1G, Network Operating System Software Version 7.0.1b.</example>
1101
+ <param pos="0" name="os.vendor" value="Brocade"/>
1102
+ <param pos="0" name="os.device" value="Switch"/>
1103
+ <param pos="0" name="os.family" value="NetworkOS"/>
1104
+ <param pos="3" name="os.version"/>
1105
+ <param pos="0" name="hw.vendor" value="Brocade"/>
1106
+ <param pos="0" name="hw.family" value="VDX"/>
1107
+ <param pos="2" name="hw.product"/>
1108
+ <param pos="0" name="hw.device" value="Switch"/>
1109
+ <param pos="1" name="host.name"/>
1110
+ </fingerprint>
1111
+
1112
+ <fingerprint pattern="^([^,]{1,512}), BR-(\S+), Network Operating System Software Version (\S+)\.$">
1113
+ <description>Brocade VDX Switch w/Hostname and BR prefix</description>
1114
+ <example host.name="core01" hw.product="VDX6740" os.version="7.0.2b">core01, BR-VDX6740, Network Operating System Software Version 7.0.2b.</example>
1115
+ <param pos="0" name="os.vendor" value="Brocade"/>
1116
+ <param pos="0" name="os.device" value="Switch"/>
1117
+ <param pos="0" name="os.family" value="NetworkOS"/>
1118
+ <param pos="3" name="os.version"/>
1119
+ <param pos="0" name="hw.vendor" value="Brocade"/>
1120
+ <param pos="0" name="hw.family" value="VDX"/>
1121
+ <param pos="2" name="hw.product"/>
1122
+ <param pos="0" name="hw.device" value="Switch"/>
1123
+ <param pos="1" name="host.name"/>
1124
+ </fingerprint>
1125
+
1082
1126
  <!--======================================================================
1083
1127
  BROTHER
1084
1128
  =======================================================================-->
@@ -1352,7 +1396,7 @@
1352
1396
  Computer Associates
1353
1397
  =======================================================================-->
1354
1398
 
1355
- <fingerprint pattern="^(?:Linux )?\s*SystemEDGE.*$">
1399
+ <fingerprint pattern="^(?:Linux )?\s{0,256}SystemEDGE.*$">
1356
1400
  <description>CA SystemEDGE Management Agent</description>
1357
1401
  <example>Linux SystemEDGE Management Agent, Concord Communications, Inc.</example>
1358
1402
  <example>SystemEDGE Management Agent, CA, Inc.</example>
@@ -1409,7 +1453,7 @@
1409
1453
  <param pos="0" name="os.product" value="Switch"/>
1410
1454
  </fingerprint>
1411
1455
 
1412
- <fingerprint pattern="^(\S+) OPTICAL SW:(\S+) .* Ciena \(R\) Corporation$">
1456
+ <fingerprint pattern="^(\S{1,32}) OPTICAL SW:(\S+) .* Ciena \(R\) Corporation$">
1413
1457
  <description>Ciena Optical - software version variant</description>
1414
1458
  <example>6500 OPTICAL SW:0810 BN:HD (c) Ciena (R) Corporation</example>
1415
1459
  <param pos="0" name="os.vendor" value="Ciena"/>
@@ -1539,7 +1583,7 @@
1539
1583
  <param pos="0" name="os.product" value="Adaptive Security Appliance"/>
1540
1584
  <param pos="0" name="os.device" value="Firewall"/>
1541
1585
  <param pos="1" name="os.version"/>
1542
- <param pos="0" name="os.cpe23" value="cpe:/o:cisco:adaptive_security_appliance:{os.version}"/>
1586
+ <param pos="0" name="os.cpe23" value="cpe:/o:cisco:adaptive_security_appliance_software:{os.version}"/>
1543
1587
  <param pos="0" name="hw.vendor" value="Cisco"/>
1544
1588
  <param pos="0" name="hw.family" value="Adaptive Security Appliance"/>
1545
1589
  <param pos="0" name="hw.product" value="Adaptive Security Appliance"/>
@@ -1568,7 +1612,7 @@
1568
1612
  <param pos="0" name="os.product" value="VPN 3000 Concentrator"/>
1569
1613
  <param pos="0" name="os.device" value="VPN"/>
1570
1614
  <param pos="1" name="os.version"/>
1571
- <param pos="0" name="os.cpe23" value="cpe:/o:cisco:vpn_3000_concentrator:{os.version}"/>
1615
+ <param pos="0" name="os.cpe23" value="cpe:/o:cisco:vpn_3000_concentrator_series_software:{os.version}"/>
1572
1616
  </fingerprint>
1573
1617
 
1574
1618
  <fingerprint pattern="^(?:Cisco )?Network Analysis Module \(WS-[^\)]+\), Version ([^, ]+)[,\s]?">
@@ -1587,6 +1631,11 @@ Copyright (c) 1999-2004 by cisco Systems, Inc.</example>
1587
1631
  <param pos="0" name="os.product" value="NAM"/>
1588
1632
  <param pos="0" name="os.device" value="Network Management Device"/>
1589
1633
  <param pos="1" name="os.version"/>
1634
+ <param pos="0" name="os.cpe23" value="cpe:/o:cisco:network_analysis_module_software:{os.version}"/>
1635
+ <param pos="0" name="hw.vendor" value="Cisco"/>
1636
+ <param pos="0" name="hw.product" value="NAM"/>
1637
+ <param pos="0" name="hw.device" value="Network Management Device"/>
1638
+ <param pos="0" name="hw.cpe23" value="cpe:/h:cisco:network_analysis_module:-"/>
1590
1639
  </fingerprint>
1591
1640
 
1592
1641
  <fingerprint pattern="^(?:Cisco )?Network Analysis Module \(WS-([^\-]+)-NAM\)$">
@@ -1596,6 +1645,9 @@ Copyright (c) 1999-2004 by cisco Systems, Inc.</example>
1596
1645
  <param pos="0" name="os.vendor" value="Cisco"/>
1597
1646
  <param pos="0" name="os.product" value="NAM"/>
1598
1647
  <param pos="0" name="os.device" value="Network Management Device"/>
1648
+ <param pos="0" name="os.cpe23" value="cpe:/o:cisco:network_analysis_module_software:-"/>
1649
+ <param pos="0" name="hw.vendor" value="Cisco"/>
1650
+ <param pos="0" name="hw.device" value="Network Management Device"/>
1599
1651
  <param pos="1" name="hw.product"/>
1600
1652
  </fingerprint>
1601
1653
 
@@ -1796,6 +1848,21 @@ Copyright (c) 1995-2005 by Cisco Systems
1796
1848
  <param pos="1" name="os.version"/>
1797
1849
  </fingerprint>
1798
1850
 
1851
+ <!--======================================================================
1852
+ Cumulus
1853
+ =======================================================================-->
1854
+
1855
+ <fingerprint pattern="^Cumulus Linux (\S+) \(Linux Kernel ([^\)]+)\)">
1856
+ <description>Cumulus Linux</description>
1857
+ <example os.version="3.7.2" os.version.version="4.1.33-1+cl3u17">Cumulus Linux 3.7.2 (Linux Kernel 4.1.33-1+cl3u17)</example>
1858
+ <param pos="0" name="os.vendor" value="Cumulus"/>
1859
+ <param pos="0" name="os.device" value="Switch"/>
1860
+ <param pos="0" name="os.product" value="Cumulus Linux"/>
1861
+ <param pos="1" name="os.version"/>
1862
+ <param pos="2" name="os.version.version"/>
1863
+ <param pos="0" name="os.cpe23" value="cpe:/o:cumulusnetworks:cumulus_linux:{os.version}"/>
1864
+ </fingerprint>
1865
+
1799
1866
  <!--======================================================================
1800
1867
  DATA DOMAIN
1801
1868
  =======================================================================-->
@@ -2383,9 +2450,9 @@ Copyright (c) 1995-2005 by Cisco Systems
2383
2450
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:{os.version}"/>
2384
2451
  </fingerprint>
2385
2452
 
2386
- <fingerprint pattern="^(\S+) .*OpenVMS V(\S+) .*$">
2453
+ <fingerprint pattern="^(\S{1,512}) .*OpenVMS V(\S+) .*$">
2387
2454
  <description>OpenVMS</description>
2388
- <example>hostname VAX 4000-200 OpenVMS V7.2 Compaq TCP/IP Services for OpenVMS</example>
2455
+ <example host.name="hostname">hostname VAX 4000-200 OpenVMS V7.2 Compaq TCP/IP Services for OpenVMS</example>
2389
2456
  <param pos="0" name="os.vendor" value="HP"/>
2390
2457
  <param pos="0" name="os.family" value="OpenVMS"/>
2391
2458
  <param pos="0" name="os.product" value="OpenVMS"/>
@@ -2394,7 +2461,7 @@ Copyright (c) 1995-2005 by Cisco Systems
2394
2461
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:{os.version}"/>
2395
2462
  </fingerprint>
2396
2463
 
2397
- <fingerprint pattern="^(\S+) (.*?) (?:HP|Compaq) Tru64 UNIX V(\S+) \(Rev\. ([^\)]+)\).*TCP/IP$">
2464
+ <fingerprint pattern="^(\S{1,512}) (.*?) (?:HP|Compaq) Tru64 UNIX V(\S+) \(Rev\. ([^\)]+)\).*TCP\/IP$">
2398
2465
  <description>Digital/Compaq/HP Tru64 Unix</description>
2399
2466
  <example host.name="was1" hw.product="AlphaServer DS10 466 MHz" os.version="5.1B" os.version.version="2650">was1 AlphaServer DS10 466 MHz Compaq Tru64 UNIX V5.1B (Rev. 2650); Wed Feb 25 13:29:07 KST 2004 TCP/IP</example>
2400
2467
  <param pos="0" name="os.vendor" value="HP"/>
@@ -2407,7 +2474,7 @@ Copyright (c) 1995-2005 by Cisco Systems
2407
2474
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64_unix:{os.version}"/>
2408
2475
  </fingerprint>
2409
2476
 
2410
- <fingerprint pattern="^(\S+) (.*?) Digital UNIX V(\S+)\s+\(Rev\. ([^\)]+)\).*TCP/IP$">
2477
+ <fingerprint pattern="^(\S{1,512}) (.*?) Digital UNIX V(\S+)\s+\(Rev\. ([^\)]+)\).*TCP/IP$">
2411
2478
  <description>Digital/Compaq/HP Tru64 Unix - Digital branding variant</description>
2412
2479
  <example host.name="example.com" hw.product="COMPAQ AlphaServer DS10 617 MHz" os.version="4.0F" os.version.version="1229">example.com COMPAQ AlphaServer DS10 617 MHz Digital UNIX V4.0F (Rev. 1229); Wed May 22 13:55:58 CST 2002 TCP/IP</example>
2413
2480
  <example host.name="example.com" hw.product="COMPAQ Professional Workstation XP1000" os.version="4.0F" os.version.version="1229">example.com COMPAQ Professional Workstation XP1000 Digital UNIX V4.0F (Rev. 1229); Wed Jun 30 14:32:53 MET DST 2004 . TCP/IP</example>
@@ -3015,6 +3082,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3015
3082
  <param pos="0" name="os.product" value="iLO"/>
3016
3083
  <param pos="0" name="os.device" value="Lights Out Management"/>
3017
3084
  <param pos="1" name="os.version"/>
3085
+ <param pos="0" name="os.cpe23" value="cpe:/o:hp:integrated_lights-out_firmware:{os.version}"/>
3018
3086
  </fingerprint>
3019
3087
 
3020
3088
  <fingerprint pattern="^Integrated Lights-Out (\d) \(iLO \d\) for Integrity$">
@@ -3025,6 +3093,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3025
3093
  <param pos="0" name="os.product" value="iLO"/>
3026
3094
  <param pos="0" name="os.device" value="Lights Out Management"/>
3027
3095
  <param pos="1" name="os.version"/>
3096
+ <param pos="0" name="os.cpe23" value="cpe:/o:hp:integrated_lights-out_firmware:{os.version}"/>
3028
3097
  </fingerprint>
3029
3098
 
3030
3099
  <!--======================================================================
@@ -3103,7 +3172,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3103
3172
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:4.3"/>
3104
3173
  </fingerprint>
3105
3174
 
3106
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 04\.02\..*$">
3175
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 04\.02\..*$">
3107
3176
  <description>IBM AIX 4.2 on PowerPC</description>
3108
3177
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 0040906A4C00 Base Operating System Runtime AIX version: 04.02.0001.0000 TCP/IP Client Support version: 04.02.0001.0000</example>
3109
3178
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 0044B47A4C00 Base Operating System Runtime AIX version: 04.02.0001.0000 TCP/IP Client Support version: 04.02.0001.0000</example>
@@ -3118,7 +3187,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3118
3187
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:4.2"/>
3119
3188
  </fingerprint>
3120
3189
 
3121
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 04\.03\..*$">
3190
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 04\.03\..*$">
3122
3191
  <description>IBM AIX 4.3 on PowerPC</description>
3123
3192
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 0056BD5A4C00 Base Operating System Runtime AIX version: 04.03.0003.0075 TCP/IP Client Support version: 04.03.0003.0075</example>
3124
3193
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 005A269A4C00 Base Operating System Runtime AIX version: 04.03.0003.0075 TCP/IP Client Support version: 04.03.0003.0075</example>
@@ -3135,7 +3204,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3135
3204
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:4.3"/>
3136
3205
  </fingerprint>
3137
3206
 
3138
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 05\.01\..*$">
3207
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 05\.01\..*$">
3139
3208
  <description>IBM AIX 5.1 on PowerPC</description>
3140
3209
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 0059B7BA4C00 Base Operating System Runtime AIX version: 05.01.0000.0051 TCP/IP Client Support version: 05.01.0000.0070</example>
3141
3210
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 009F12264C00 Base Operating System Runtime AIX version: 05.01.0000.0050 TCP/IP Client Support version: 05.01.0000.0050</example>
@@ -3158,7 +3227,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3158
3227
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:5.1"/>
3159
3228
  </fingerprint>
3160
3229
 
3161
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Operating System Software: AIX version: 5\.1 Networking Software:.*$">
3230
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Operating System Software: AIX version: 5\.1 Networking Software:.*$">
3162
3231
  <description>IBM AIX 5.1 on PowerPC - network software variant</description>
3163
3232
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 0008FB8A4C00 Operating System Software: AIX version: 5.1 Networking Software: not available!</example>
3164
3233
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 000BD57F4C00 Operating System Software: AIX version: 5.1 Networking Software: not available!</example>
@@ -3170,7 +3239,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3170
3239
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:5.1"/>
3171
3240
  </fingerprint>
3172
3241
 
3173
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 05\.02\..*$">
3242
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 05\.02\..*$">
3174
3243
  <description>IBM AIX 5.2 on PowerPC</description>
3175
3244
  <example>IBM PowerPC CHRP Computer.Machine Type: 0x0800004c Processor id: 00C0E53F4C00.Base Operating System Runtime AIX version: 05.02.0000.0105.TCP/IP Client Support version: 05.02.0000.0107</example>
3176
3245
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 00CBEEFA4C00 Base Operating System Runtime AIX version: 05.02.0000.0075 TCP/IP Client Support version: 05.02.0000.0075</example>
@@ -3197,7 +3266,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3197
3266
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:5.2"/>
3198
3267
  </fingerprint>
3199
3268
 
3200
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 05\.03\..*$">
3269
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 05\.03\..*$">
3201
3270
  <description>IBM AIX 5.3 on PowerPC</description>
3202
3271
  <example>IBM PowerPC CHRP Computer.Machine Type: 0x0800004c Processor id: 000A3CD8D600.Base Operating System Runtime AIX version: 05.03.0000.0060.TCP/IP Client Support version: 05.03.0000.0063</example>
3203
3272
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 00F7BF9F4C00 Base Operating System Runtime AIX version: 05.03.0012.0001 TCP/IP Client Support version: 05.03.0012.0005</example>
@@ -3220,7 +3289,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3220
3289
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:5.3"/>
3221
3290
  </fingerprint>
3222
3291
 
3223
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime VIOS [^:]+: 05\.03\..*$">
3292
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime VIOS [^:]+: 05\.03\..*$">
3224
3293
  <description>IBM VIOS 5.3 on PowerPC</description>
3225
3294
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 00018C4AD400 Base Operating System Runtime VIOS version: 05.03.0008.0000 TCP/IP Client Support version: 05.03.0008.0000</example>
3226
3295
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 0002EBDAD700 Base Operating System Runtime VIOS version: 05.03.0008.0000 TCP/IP Client Support version: 05.03.0008.0001</example>
@@ -3237,7 +3306,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3237
3306
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:vios:5.3"/>
3238
3307
  </fingerprint>
3239
3308
 
3240
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 06\.01\..*$">
3309
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 06\.01\..*$">
3241
3310
  <description>IBM AIX 6.1 on PowerPC</description>
3242
3311
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 00F77AEE4C00 Base Operating System Runtime AIX version: 06.01.0006.0015 TCP/IP Client Support version: 06.01.0006.0015</example>
3243
3312
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 00F77C9A4C00 Base Operating System Runtime AIX version: 06.01.0006.0015 TCP/IP Client Support version: 06.01.0006.0015</example>
@@ -3251,7 +3320,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3251
3320
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:6.1"/>
3252
3321
  </fingerprint>
3253
3322
 
3254
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime VIOS [^:]+: 06\.01\..*$">
3323
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime VIOS [^:]+: 06\.01\..*$">
3255
3324
  <description>IBM VIOS 6.1 on PowerPC</description>
3256
3325
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 00055539D600 Base Operating System Runtime VIOS version: 06.01.0007.0000 TCP/IP Client Support version: 06.01.0005.0000</example>
3257
3326
  <param pos="0" name="os.vendor" value="IBM"/>
@@ -3261,7 +3330,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3261
3330
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:vios:6.1"/>
3262
3331
  </fingerprint>
3263
3332
 
3264
- <fingerprint pattern="^(?:\S+ )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 07\.01\..*$">
3333
+ <fingerprint pattern="^(?:\S{1,1024} )?(?:Motorola PowerPC|IBM PowerPC|\S+ \S+ PowerPC IBM).*Base Operating System Runtime AIX [^:]+: 07\.01\..*$">
3265
3334
  <description>IBM AIX 7.1 on PowerPC</description>
3266
3335
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 000B0148D700 Base Operating System Runtime AIX version: 07.01.0000.0015 TCP/IP Client Support version: 07.01.0000.0015</example>
3267
3336
  <example>IBM PowerPC CHRP Computer Machine Type: 0x0800004c Processor id: 00C5433C4C00 Base Operating System Runtime AIX version: 07.01.0001.0000 TCP/IP Client Support version: 07.01.0001.0003</example>
@@ -3274,7 +3343,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3274
3343
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:7.1"/>
3275
3344
  </fingerprint>
3276
3345
 
3277
- <fingerprint pattern="^(?:\S+ )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 05\.01\..*$">
3346
+ <fingerprint pattern="^(?:\S{1,1024} )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 05\.01\..*$">
3278
3347
  <description>IBM AIX 5.1 - unknown machine type variant</description>
3279
3348
  <example>UNIX System Machine Type: not available! Processor id: 0001FDAF4C00 Base Operating System Runtime AIX version: 05.01.0000.0051 TCP/IP Client Support version: 05.01.0000.0070</example>
3280
3349
  <param pos="0" name="os.vendor" value="IBM"/>
@@ -3284,7 +3353,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3284
3353
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:5.1"/>
3285
3354
  </fingerprint>
3286
3355
 
3287
- <fingerprint pattern="^(?:\S+ )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 05\.02\..*$">
3356
+ <fingerprint pattern="^(?:\S{1,1024} )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 05\.02\..*$">
3288
3357
  <description>IBM AIX 5.2 - unknown machine type variant</description>
3289
3358
  <example>UNIX System Machine Type: not available! Processor id: 0001FDAF4C00 Base Operating System Runtime AIX version: 05.02.0000.0105 TCP/IP Client Support version: 05.02.0000.0107</example>
3290
3359
  <param pos="0" name="os.vendor" value="IBM"/>
@@ -3294,7 +3363,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3294
3363
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:5.2"/>
3295
3364
  </fingerprint>
3296
3365
 
3297
- <fingerprint pattern="^(?:\S+ )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 05\.03\..*$">
3366
+ <fingerprint pattern="^(?:\S{1,1024} )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 05\.03\..*$">
3298
3367
  <description>IBM AIX 5.3 - unknown machine type variant</description>
3299
3368
  <example>UNIX System Machine Type: not available! Processor id: 0001FDAF4C00 Base Operating System Runtime AIX version: 05.03.0000.0050 TCP/IP Client Support version: 05.03.0000.0053</example>
3300
3369
  <param pos="0" name="os.vendor" value="IBM"/>
@@ -3304,7 +3373,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3304
3373
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:5.3"/>
3305
3374
  </fingerprint>
3306
3375
 
3307
- <fingerprint pattern="^(?:\S+ )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 06\.01\..*$">
3376
+ <fingerprint pattern="^(?:\S{1,1024} )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 06\.01\..*$">
3308
3377
  <description>IBM AIX 6.1 - unknown machine type variant</description>
3309
3378
  <example>UNIX System Machine Type: not available! Processor id: 0001FDAF4C00 Base Operating System Runtime AIX version: 06.01.0007.0000 TCP/IP Client Support version: 06.01.0005.0000</example>
3310
3379
  <param pos="0" name="os.vendor" value="IBM"/>
@@ -3314,7 +3383,7 @@ Copyright (c) 1995-2005 by Cisco Systems
3314
3383
  <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:6.1"/>
3315
3384
  </fingerprint>
3316
3385
 
3317
- <fingerprint pattern="^(?:\S+ )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 07\.01\..*$">
3386
+ <fingerprint pattern="^(?:\S{1,1024} )?UNIX System Machine Type: not available.*Base Operating System Runtime AIX [^:]+: 07\.01\..*$">
3318
3387
  <description>IBM AIX 7.1 - unknown machine type variant</description>
3319
3388
  <example>UNIX System Machine Type: not available! Processor id: 0001FDAF4C00 Base Operating System Runtime AIX version: 07.01.0001.0000 TCP/IP Client Support version: 07.01.0001.0002</example>
3320
3389
  <param pos="0" name="os.vendor" value="IBM"/>
@@ -4785,7 +4854,7 @@ Copyright (c) 1995-2005 by Cisco Systems
4785
4854
  <param pos="0" name="os.vendor" value="NetApp"/>
4786
4855
  <param pos="0" name="os.family" value="Data ONTAP"/>
4787
4856
  <param pos="0" name="os.product" value="Data ONTAP"/>
4788
- <param pos="0" name="os.device" value="File Server"/>
4857
+ <param pos="0" name="os.device" value="NAS"/>
4789
4858
  <param pos="1" name="os.version"/>
4790
4859
  <param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:{os.version}"/>
4791
4860
  </fingerprint>
@@ -4853,6 +4922,7 @@ Copyright (c) 1995-2005 by Cisco Systems
4853
4922
  <param pos="0" name="os.product" value="NetScaler"/>
4854
4923
  <param pos="1" name="os.version"/>
4855
4924
  <param pos="2" name="os.version.version"/>
4925
+ <param pos="0" name="os.cpe23" value="cpe:/o:citrix:netscaler_firmware:{os.version}"/>
4856
4926
  </fingerprint>
4857
4927
 
4858
4928
  <!--======================================================================
@@ -5496,14 +5566,28 @@ Copyright (c) 1995-2005 by Cisco Systems
5496
5566
  <example>Palo Alto Networks PA-4000 series firewall</example>
5497
5567
  <param pos="0" name="os.vendor" value="Palo Alto Networks"/>
5498
5568
  <param pos="0" name="os.device" value="Firewall"/>
5499
- <param pos="1" name="os.product"/>
5569
+ <param pos="0" name="os.product" value="PAN-OS"/>
5570
+ <param pos="0" name="os.family" value="PAN-OS"/>
5571
+ <param pos="0" name="os.cpe23" value="cpe:/o:paloaltonetworks:pan-os:-"/>
5572
+ <param pos="0" name="service.vendor" value="Palo Alto Networks"/>
5573
+ <param pos="0" name="service.device" value="Firewall"/>
5574
+ <param pos="0" name="hw.vendor" value="Palo Alto Networks"/>
5575
+ <param pos="0" name="hw.device" value="Firewall"/>
5576
+ <param pos="1" name="hw.product"/>
5500
5577
  </fingerprint>
5501
5578
 
5502
5579
  <fingerprint pattern="^Palo Alto Networks Panorama server$">
5503
5580
  <description>Palo Alto Panorama</description>
5504
5581
  <example>Palo Alto Networks Panorama server</example>
5505
5582
  <param pos="0" name="os.vendor" value="Palo Alto Networks"/>
5506
- <param pos="0" name="os.product" value="Panorama Server"/>
5583
+ <param pos="0" name="os.product" value="PAN-OS"/>
5584
+ <param pos="0" name="os.family" value="PAN-OS"/>
5585
+ <param pos="0" name="os.device" value="Firewall"/>
5586
+ <param pos="0" name="os.cpe23" value="cpe:/o:paloaltonetworks:pan-os:-"/>
5587
+ <param pos="0" name="service.vendor" value="Palo Alto Networks"/>
5588
+ <param pos="0" name="service.product" value="Panorama Server"/>
5589
+ <param pos="0" name="service.device" value="Firewall"/>
5590
+ <param pos="0" name="hw.vendor" value="Palo Alto Networks"/>
5507
5591
  </fingerprint>
5508
5592
 
5509
5593
  <!--======================================================================
@@ -6094,6 +6178,7 @@ Copyright (c) 1995-2005 by Cisco Systems
6094
6178
  <param pos="0" name="os.vendor" value="SonicWall"/>
6095
6179
  <param pos="0" name="os.device" value="Firewall"/>
6096
6180
  <param pos="0" name="os.product" value="SonicOS"/>
6181
+ <param pos="0" name="hw.vendor" value="SonicWall"/>
6097
6182
  <param pos="1" name="hw.product"/>
6098
6183
  <param pos="2" name="hw.model"/>
6099
6184
  <param pos="3" name="os.version"/>
@@ -6107,6 +6192,7 @@ Copyright (c) 1995-2005 by Cisco Systems
6107
6192
  <param pos="0" name="os.vendor" value="SonicWall"/>
6108
6193
  <param pos="0" name="os.device" value="Firewall"/>
6109
6194
  <param pos="0" name="os.product" value="SonicOS"/>
6195
+ <param pos="0" name="hw.vendor" value="SonicWall"/>
6110
6196
  <param pos="1" name="hw.product"/>
6111
6197
  <param pos="2" name="os.version"/>
6112
6198
  <param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:{os.version}"/>
@@ -6126,6 +6212,7 @@ Copyright (c) 1995-2005 by Cisco Systems
6126
6212
  <param pos="0" name="os.device" value="Firewall"/>
6127
6213
  <param pos="0" name="os.product" value="SonicOS"/>
6128
6214
  <param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:-"/>
6215
+ <param pos="0" name="hw.vendor" value="SonicWall"/>
6129
6216
  <param pos="1" name="hw.family"/>
6130
6217
  <param pos="2" name="hw.product"/>
6131
6218
  </fingerprint>
@@ -6178,7 +6265,7 @@ Copyright (c) 1995-2005 by Cisco Systems
6178
6265
  SGI
6179
6266
  =======================================================================-->
6180
6267
 
6181
- <fingerprint pattern="^.* IRIX (?:version )?(\d+\S+).*$">
6268
+ <fingerprint pattern="^.{0,256} IRIX (?:version )?(\d+\S+).*$">
6182
6269
  <description>SGI IRIX</description>
6183
6270
  <example os.version="6.5">Silicon Graphics IRIS Indigo2 running IRIX version 6.5</example>
6184
6271
  <example os.version="5.3">Silicon Graphics IRIS Indigo2 Elan running IRIX 5.3</example>
@@ -6193,7 +6280,7 @@ Copyright (c) 1995-2005 by Cisco Systems
6193
6280
  <param pos="0" name="os.cpe23" value="cpe:/o:sgi:irix:{os.version}"/>
6194
6281
  </fingerprint>
6195
6282
 
6196
- <fingerprint pattern="^.* IRIX64 (?:version )?(\d+\S+).*$">
6283
+ <fingerprint pattern="^.{0,256} IRIX64 (?:version )?(\d+\S+).*$">
6197
6284
  <description>SGI IRIX64</description>
6198
6285
  <example os.version="6.5">Silicon Graphics Challenge/1 running IRIX64 6.5</example>
6199
6286
  <example os.version="6.5">Silicon Graphics Fuel running IRIX64 version 6.5</example>
@@ -6923,6 +7010,73 @@ Copyright (c) 1995-2005 by Cisco Systems
6923
7010
  <param pos="0" name="os.device" value="Multifunction Device"/>
6924
7011
  </fingerprint>
6925
7012
 
7013
+ <!--======================================================================
7014
+ UBIQUITI
7015
+ =======================================================================-->
7016
+
7017
+ <fingerprint pattern="^(UAP-[^\s]+) ([0-9][.a-zA-Z0-9\-]+)$">
7018
+ <description>Ubiquiti Wireless UAP</description>
7019
+ <example hw.product="UAP-AC-Mesh-Pro" hw.version="4.3.20.11298">UAP-AC-Mesh-Pro 4.3.20.11298</example>
7020
+ <param pos="0" name="hw.vendor" value="Ubiquiti"/>
7021
+ <param pos="0" name="hw.device" value="WAP"/>
7022
+ <param pos="1" name="hw.product"/>
7023
+ <param pos="2" name="hw.version"/>
7024
+ <param pos="0" name="os.vendor" value="Ubiquiti"/>
7025
+ <param pos="0" name="os.family" value="Linux"/>
7026
+ <param pos="0" name="os.device" value="WAP"/>
7027
+ </fingerprint>
7028
+
7029
+ <fingerprint pattern="^(EdgeSwitch [^,]+), ([0-9][.a-zA-Z0-9\-]+), Linux ([0-9][.a-zA-Z0-9\-]+)">
7030
+ <description>Ubiquiti EdgeSwitch w/Version and Linux version</description>
7031
+ <example hw.product="EdgeSwitch 48-Port Lite" hw.version="1.8.1.5145168" os.version="3.6.5-1b505fb7">EdgeSwitch 48-Port Lite, 1.8.1.5145168, Linux 3.6.5-1b505fb7, 1.1.0.5102011</example>
7032
+ <param pos="0" name="hw.vendor" value="Ubiquiti"/>
7033
+ <param pos="0" name="hw.device" value="Switch"/>
7034
+ <param pos="1" name="hw.product"/>
7035
+ <param pos="2" name="hw.version"/>
7036
+ <param pos="0" name="os.vendor" value="Ubiquiti"/>
7037
+ <param pos="0" name="os.family" value="Linux"/>
7038
+ <param pos="0" name="os.device" value="Switch"/>
7039
+ <param pos="3" name="os.version"/>
7040
+ </fingerprint>
7041
+
7042
+ <fingerprint pattern="^(USW GigaBit Ethernet Switch), firmware v?([0-9][.a-zA-Z0-9\-]+)$">
7043
+ <description>Ubiquiti GigaBit Ethernet Switch w/Version</description>
7044
+ <example hw.product="USW GigaBit Ethernet Switch" hw.version="5.34.0.12180">USW GigaBit Ethernet Switch, firmware 5.34.0.12180</example>
7045
+ <example hw.product="USW GigaBit Ethernet Switch" hw.version="4.3.20.1129">USW GigaBit Ethernet Switch, firmware v4.3.20.1129</example>
7046
+ <param pos="0" name="hw.vendor" value="Ubiquiti"/>
7047
+ <param pos="0" name="hw.device" value="Switch"/>
7048
+ <param pos="1" name="hw.product"/>
7049
+ <param pos="2" name="hw.version"/>
7050
+ <param pos="0" name="os.vendor" value="Ubiquiti"/>
7051
+ <param pos="0" name="os.family" value="Linux"/>
7052
+ <param pos="0" name="os.device" value="Switch"/>
7053
+ </fingerprint>
7054
+
7055
+ <fingerprint pattern="^(USW-[^\s]+), ([0-9][.a-zA-Z0-9\-]+), Linux ([0-9][.a-zA-Z0-9\-]+)$">
7056
+ <description>Ubiquiti Switch w/Version and Linux version</description>
7057
+ <example hw.product="USW-8P-60" hw.version="4.3.20.11298" os.version="3.6.5">USW-8P-60, 4.3.20.11298, Linux 3.6.5</example>
7058
+ <param pos="0" name="hw.vendor" value="Ubiquiti"/>
7059
+ <param pos="0" name="hw.device" value="Switch"/>
7060
+ <param pos="1" name="hw.product"/>
7061
+ <param pos="2" name="hw.version"/>
7062
+ <param pos="0" name="os.vendor" value="Ubiquiti"/>
7063
+ <param pos="0" name="os.family" value="Linux"/>
7064
+ <param pos="0" name="os.device" value="Switch"/>
7065
+ <param pos="3" name="os.version"/>
7066
+ </fingerprint>
7067
+
7068
+ <fingerprint pattern="^(USW-[^\s]+), ([0-9][.a-zA-Z0-9\-]+)$">
7069
+ <description>Ubiquiti Switch w/Version (no Linux version)</description>
7070
+ <example hw.product="USW-5-Flex" hw.version="4.0.80.10875">USW-5-Flex, 4.0.80.10875</example>
7071
+ <param pos="0" name="hw.vendor" value="Ubiquiti"/>
7072
+ <param pos="0" name="hw.device" value="Switch"/>
7073
+ <param pos="1" name="hw.product"/>
7074
+ <param pos="2" name="hw.version"/>
7075
+ <param pos="0" name="os.vendor" value="Ubiquiti"/>
7076
+ <param pos="0" name="os.family" value="Linux"/>
7077
+ <param pos="0" name="os.device" value="Switch"/>
7078
+ </fingerprint>
7079
+
6926
7080
  <!--======================================================================
6927
7081
  UNISYS
6928
7082
  =======================================================================-->
@@ -6948,15 +7102,30 @@ Copyright (c) 1995-2005 by Cisco Systems
6948
7102
  VMware
6949
7103
  =======================================================================-->
6950
7104
 
6951
- <fingerprint pattern="^(VMware ESXi?) (\d\.\d+\.\d+) build-\d+ VMware, Inc\. (\S+)$">
6952
- <description>VMware ESX/ESXi</description>
6953
- <example os.product="VMware ESXi" os.version="5.1.0" os.arch="x86_64">VMware ESXi 5.1.0 build-1157734 VMware, Inc. x86_64</example>
6954
- <example os.product="VMware ESX" os.version="5.0.0" os.arch="x86_64">VMware ESX 5.0.0 build-623860 VMware, Inc. x86_64</example>
7105
+ <fingerprint pattern="^VMware ESXi (\d\.\d+\.\d+) build-\d+ VMware, Inc\. (\S+)$">
7106
+ <description>VMware ESXi</description>
7107
+ <example os.version="5.1.0" os.arch="x86_64">VMware ESXi 5.1.0 build-1157734 VMware, Inc. x86_64</example>
6955
7108
  <param pos="0" name="os.vendor" value="VMware"/>
6956
7109
  <param pos="0" name="os.family" value="VMware ESX/ESXi"/>
6957
- <param pos="1" name="os.product"/>
6958
- <param pos="2" name="os.version"/>
6959
- <param pos="3" name="os.arch"/>
7110
+ <param pos="0" name="os.product" value="VMware ESXi Server"/>
7111
+ <param pos="1" name="os.version"/>
7112
+ <param pos="2" name="os.arch"/>
7113
+ <param pos="0" name="os.device" value="Hypervisor"/>
7114
+ <param pos="0" name="os.cpe23" value="cpe:/o:vmware:esxi:{os.version}"/>
7115
+ <param pos="0" name="hw.device" value="Hypervisor"/>
7116
+ </fingerprint>
7117
+
7118
+ <fingerprint pattern="^VMware ESX (\d\.\d+\.\d+) build-\d+ VMware, Inc\. (\S+)$">
7119
+ <description>VMware ESX</description>
7120
+ <example os.version="5.0.0" os.arch="x86_64">VMware ESX 5.0.0 build-623860 VMware, Inc. x86_64</example>
7121
+ <param pos="0" name="os.vendor" value="VMware"/>
7122
+ <param pos="0" name="os.family" value="VMware ESX/ESXi"/>
7123
+ <param pos="0" name="os.product" value="VMware ESX Server"/>
7124
+ <param pos="1" name="os.version"/>
7125
+ <param pos="2" name="os.arch"/>
7126
+ <param pos="0" name="os.device" value="Hypervisor"/>
7127
+ <param pos="0" name="os.cpe23" value="cpe:/o:vmware:esx:{os.version}"/>
7128
+ <param pos="0" name="hw.device" value="Hypervisor"/>
6960
7129
  </fingerprint>
6961
7130
 
6962
7131
  <fingerprint pattern="^&quot;vSphere Management Assistant ([\d\.]+)&quot;$">