recog 2.3.18 → 2.3.22

data/xml/ssh_banners.xml

@@ -33,12 +33,12 @@
     <param pos="0" name="service.product" value="iLO"/>
     <param pos="0" name="service.family" value="iLO"/>
     <param pos="1" name="service.version"/>
-    <param pos="0" name="service.cpe23" value="cpe:/a:hp:integrated_lights_out:{service.version}"/>
     <param pos="0" name="hw.vendor" value="HP"/>
     <param pos="0" name="os.vendor" value="HP"/>
     <param pos="0" name="os.product" value="iLO"/>
     <param pos="0" name="os.family" value="iLO"/>
     <param pos="0" name="os.device" value="Lights Out Management"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:hp:integrated_lights-out_firmware:-"/>
   </fingerprint>
 
   <fingerprint pattern="^Serv-U_([\d\.]+)$">
@@ -59,7 +59,7 @@
     <param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:ws_ftp:{service.version}"/>
   </fingerprint>
 
-  <fingerprint pattern="IPSSH[-_]([\d\.p]+).*$">
+  <fingerprint pattern="IPSSH[-_]([\d\.p]+)">
     <description>VxWorks with version information</description>
     <example os.version="6.9.0">IPSSH-6.9.0</example>
     <param pos="0" name="os.vendor" value="Wind River"/>
@@ -552,7 +552,7 @@
   </fingerprint>
 
   <fingerprint pattern="^OpenSSH_(7\.8) (FreeBSD-20180909)$">
-    <description>OpenSSH running on FreeBSD 12.0</description>
+    <description>OpenSSH running on FreeBSD 12.0/12.1</description>
     <example service.version="7.8" openssh.comment="FreeBSD-20180909">OpenSSH_7.8 FreeBSD-20180909</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
@@ -888,9 +888,10 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:13.04"/>
   </fingerprint>
 
-  <fingerprint pattern="^OpenSSH_(6\.2p2) (Ubuntu-6unbuntu\d(?:\.\d)?)$">
+  <fingerprint pattern="^OpenSSH_(6\.2p2) (Ubuntu-6\S*)$">
     <description>OpenSSH running on Ubuntu 13.10</description>
     <example service.version="6.2p2" openssh.comment="Ubuntu-6unbuntu0.4">OpenSSH_6.2p2 Ubuntu-6unbuntu0.4</example>
+    <example service.version="6.2p2" openssh.comment="Ubuntu-6">OpenSSH_6.2p2 Ubuntu-6</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -917,10 +918,11 @@
     <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
   </fingerprint>
 
-  <fingerprint pattern="^OpenSSH_(6\.6(?:\.\d)?p1) (Ubuntu-2ubuntu\d+(?:\.\d+)?)$">
+  <fingerprint pattern="^OpenSSH_(6\.6(?:\.1)?p1) (Ubuntu-2\S*)$">
     <description>OpenSSH running on Ubuntu 14.04</description>
     <example service.version="6.6p1" openssh.comment="Ubuntu-2ubuntu1">OpenSSH_6.6p1 Ubuntu-2ubuntu1</example>
     <example service.version="6.6.1p1" openssh.comment="Ubuntu-2ubuntu2">OpenSSH_6.6.1p1 Ubuntu-2ubuntu2</example>
+    <example service.version="6.6.1p1" openssh.comment="Ubuntu-2ubuntu2.13">OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -950,9 +952,10 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:14.10"/>
   </fingerprint>
 
-  <fingerprint pattern="^OpenSSH_(6\.7p1) (Ubuntu-5ubuntu\d(?:\.\d)?)$">
+  <fingerprint pattern="^OpenSSH_(6\.7p1) (Ubuntu-5\S*)$">
     <description>OpenSSH running on Ubuntu 15.04 (vivid)</description>
     <example service.version="6.7p1" openssh.comment="Ubuntu-5ubuntu1">OpenSSH_6.7p1 Ubuntu-5ubuntu1</example>
+    <example service.version="6.7p1" openssh.comment="Ubuntu-5ubuntu1.4">OpenSSH_6.7p1 Ubuntu-5ubuntu1.4</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -966,9 +969,10 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.04"/>
   </fingerprint>
 
-  <fingerprint pattern="^OpenSSH_(6\.9p1) (Ubuntu-2)$">
+  <fingerprint pattern="^OpenSSH_(6\.9p1) (Ubuntu-2\S*)$">
     <description>OpenSSH running on Ubuntu 15.10</description>
     <example service.version="6.9p1" openssh.comment="Ubuntu-2">OpenSSH_6.9p1 Ubuntu-2</example>
+    <example service.version="6.9p1" openssh.comment="Ubuntu-2ubuntu0.2">OpenSSH_6.9p1 Ubuntu-2ubuntu0.2</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -982,9 +986,11 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.10"/>
   </fingerprint>
 
-  <fingerprint pattern="^OpenSSH_(7\.2p2) (Ubuntu-4ubuntu\d(?:\.\d)?)$">
+  <fingerprint pattern="^OpenSSH_(7\.2p2) (Ubuntu-4\S*)$">
     <description>OpenSSH running on Ubuntu 16.04 (vivid)</description>
     <example service.version="7.2p2" openssh.comment="Ubuntu-4ubuntu2.7">OpenSSH_7.2p2 Ubuntu-4ubuntu2.7</example>
+    <example service.version="7.2p2" openssh.comment="Ubuntu-4ubuntu1">OpenSSH_7.2p2 Ubuntu-4ubuntu1</example>
+    <example service.version="7.2p2" openssh.comment="Ubuntu-4">OpenSSH_7.2p2 Ubuntu-4</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -1030,9 +1036,10 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.04"/>
   </fingerprint>
 
-  <fingerprint pattern="^OpenSSH_(7\.5p1) (Ubuntu-10ubuntu\d(?:\.\d)?)$">
+  <fingerprint pattern="^OpenSSH_(7\.5p1) (Ubuntu-10\S*)$">
     <description>OpenSSH running on Ubuntu 17.10</description>
     <example service.version="7.5p1" openssh.comment="Ubuntu-10ubuntu0.1">OpenSSH_7.5p1 Ubuntu-10ubuntu0.1</example>
+    <example service.version="7.5p1" openssh.comment="Ubuntu-10">OpenSSH_7.5p1 Ubuntu-10</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -1046,9 +1053,10 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.10"/>
   </fingerprint>
 
-  <fingerprint pattern="^OpenSSH_(7\.6p1) (Ubuntu-4ubuntu\d(?:\.\d)?)$">
+  <fingerprint pattern="^OpenSSH_(7\.6p1) (Ubuntu-4\S*)$">
     <description>OpenSSH running on Ubuntu 18.04</description>
     <example service.version="7.6p1" openssh.comment="Ubuntu-4ubuntu0.3">OpenSSH_7.6p1 Ubuntu-4ubuntu0.3</example>
+    <example service.version="7.6p1" openssh.comment="Ubuntu-4">OpenSSH_7.6p1 Ubuntu-4</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -1062,9 +1070,10 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:18.04"/>
   </fingerprint>
 
-  <fingerprint pattern="^OpenSSH_(7\.7p1) (Ubuntu-4)$">
+  <fingerprint pattern="^OpenSSH_(7\.7p1) (Ubuntu-4\S*)$">
     <description>OpenSSH running on Ubuntu 18.10</description>
     <example service.version="7.7p1" openssh.comment="Ubuntu-4">OpenSSH_7.7p1 Ubuntu-4</example>
+    <example service.version="7.7p1" openssh.comment="Ubuntu-4ubuntu0.3">OpenSSH_7.7p1 Ubuntu-4ubuntu0.3</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -1110,6 +1119,39 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:19.10"/>
   </fingerprint>
 
+  <fingerprint pattern="^OpenSSH_(8\.2p1) (Ubuntu-4\S*)$">
+    <description>OpenSSH running on Ubuntu 20.04</description>
+    <example service.version="8.2p1" openssh.comment="Ubuntu-4ubuntu0.1">OpenSSH_8.2p1 Ubuntu-4ubuntu0.1</example>
+    <example service.version="8.2p1" openssh.comment="Ubuntu-4">OpenSSH_8.2p1 Ubuntu-4</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="20.04"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:20.04"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(8\.3p1) (Ubuntu-1\S*)$">
+    <description>OpenSSH running on Ubuntu 20.10</description>
+    <example service.version="8.3p1" openssh.comment="Ubuntu-1">OpenSSH_8.3p1 Ubuntu-1</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="20.10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:20.10"/>
+  </fingerprint>
+
   <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Ubuntu-\d\d?)$">
     <description>OpenSSH running on Ubuntu (unknown release)</description>
     <example service.version="7.6p1" openssh.comment="Ubuntu-2">OpenSSH_7.6p1 Ubuntu-2</example>
@@ -1329,9 +1371,56 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:9.0"/>
   </fingerprint>
 
-  <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10|Debian-\d\d?\+deb10u\d+)$">
-    <description>OpenSSH running on Debian 10.x (buster)</description>
+  <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10)$">
+    <description>OpenSSH running on Debian 10.0 (buster)</description>
     <example service.version="7.9p1" openssh.comment="Debian-10">OpenSSH_7.9p1 Debian-10</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Debian"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="10.0"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.0"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10\+deb10u1)$">
+    <description>OpenSSH running on Debian 10.1 (buster)</description>
+    <example service.version="7.9p1" openssh.comment="Debian-10+deb10u1">OpenSSH_7.9p1 Debian-10+deb10u1</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Debian"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="10.1"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.1"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10\+deb10u2)$">
+    <description>OpenSSH running on Debian 10.2 (buster)</description>
+    <example service.version="7.9p1" openssh.comment="Debian-10+deb10u2">OpenSSH_7.9p1 Debian-10+deb10u2</example>
+    <param pos="1" name="service.version"/>
+    <param pos="2" name="openssh.comment"/>
+    <param pos="0" name="service.vendor" value="OpenBSD"/>
+    <param pos="0" name="service.family" value="OpenSSH"/>
+    <param pos="0" name="service.product" value="OpenSSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
+    <param pos="0" name="os.vendor" value="Debian"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.version" value="10.2"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.2"/>
+  </fingerprint>
+
+  <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10\S+)$">
+    <description>OpenSSH running on Debian 10.x (buster catchall)</description>
     <example service.version="7.9p1" openssh.comment="Debian-10+deb10u6">OpenSSH_7.9p1 Debian-10+deb10u6</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
@@ -1402,6 +1491,7 @@
   <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-\d\d?\+deb9u\d+)$">
     <description>OpenSSH running on Raspbian (Debian 9 "Stretch" based)</description>
     <example service.version="7.4p1" openssh.comment="Raspbian-10+deb9u1">OpenSSH_7.4p1 Raspbian-10+deb9u1</example>
+    <example service.version="7.4p1" openssh.comment="Raspbian-10+deb9u7">OpenSSH_7.4p1 Raspbian-10+deb9u7</example>
     <example service.version="7.4p1" openssh.comment="Raspbian-9+deb9u1">OpenSSH_7.4p1 Raspbian-9+deb9u1</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
@@ -1416,10 +1506,11 @@
     <param pos="0" name="hw.product" value="Raspberry Pi"/>
   </fingerprint>
 
-  <fingerprint pattern="^OpenSSH_(7\.9p1)\s+(Raspbian-(?:10|\d\d?\+deb10u\d+))$">
+  <fingerprint pattern="^OpenSSH_(7\.9p1)\s+(Raspbian-(?:10|\d\d?\+deb10u\d+)(?:\+rpt\d)?)$">
     <description>OpenSSH running on Raspbian (Debian 10 "Buster" based)</description>
     <example service.version="7.9p1" openssh.comment="Raspbian-10">OpenSSH_7.9p1 Raspbian-10</example>
     <example service.version="7.9p1" openssh.comment="Raspbian-10+deb10u1">OpenSSH_7.9p1 Raspbian-10+deb10u1</example>
+    <example service.version="7.9p1" openssh.comment="Raspbian-10+deb10u2+rpt1">OpenSSH_7.9p1 Raspbian-10+deb10u2+rpt1</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -1615,7 +1706,7 @@
     <param pos="0" name="service.product" value="SSH"/>
     <param pos="0" name="os.vendor" value="Cisco"/>
     <param pos="0" name="os.product" value="Wireless LAN Controller"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller:-"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller_software:-"/>
   </fingerprint>
 
   <fingerprint pattern="(?i)^Cleo (\S+)/(\S+) SSH FTP server$">
@@ -1695,7 +1786,7 @@
     <param pos="1" name="os.version"/>
   </fingerprint>
 
-  <fingerprint pattern="^([\d.]+)[ _]sshlib:? (?i:GlobalScape)$">
+  <fingerprint pattern="^([\d.]{1,8})[ _]sshlib:? (?i:GlobalScape)$">
     <description>GlobalScape SSH (which uses Bitvise sshlib)</description>
     <example service.component.version="1.36">1.36_sshlib GlobalSCAPE</example>
     <example service.component.version="1.82">1.82_sshlib Globalscape</example>
@@ -1713,7 +1804,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
 
-  <fingerprint pattern="^([^\s]+) sshlib: WinSSHD (.*)$">
+  <fingerprint pattern="^([\d.]{1,8}) sshlib: WinSSHD ([\w.-]*)$">
     <description>Bitvise WinSSHD (which uses Bitvise sshlib)</description>
     <example service.component.version="1.78" service.version="4.15a">1.78 sshlib: WinSSHD 4.15a</example>
     <param pos="1" name="service.component.version"/>
@@ -1730,7 +1821,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
 
-  <fingerprint pattern="^([^\s]+) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD) ([\d\.]+):?.*$">
+  <fingerprint pattern="^([\d.]{1,8}) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD) ([\d\.]+):?">
     <description>Bitvise WinSSHD (which uses Bitvise flowssh) with version</description>
     <example service.version="5.09" service.component.version="1.03">1.03 FlowSsh: WinSSHD 5.09</example>
     <example service.version="5.20" service.component.version="1.07">1.07 FlowSsh: WinSSHD 5.20: free only for personal non-commercial use</example>
@@ -1749,7 +1840,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
 
-  <fingerprint pattern="^([^\s]+) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD)(?: :.*)?$">
+  <fingerprint pattern="^([\d.]{1,8}) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD)(?: :.*)?$">
     <description>Bitvise WinSSHD (which uses Bitvise flowssh) without version</description>
     <example service.component.version="9.99">9.99 FlowSsh: Bitvise SSH Server (WinSSHD)</example>
     <example service.component.version="9.99">9.99 FlowSsh: Bitvise SSH Server (WinSSHD) : free only for personal non-commercial use</example>
@@ -1766,7 +1857,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
 
-  <fingerprint pattern="^([^\s]+) sshlib: MOVEit DMZ SSH (.*)$">
+  <fingerprint pattern="^([\d.]{1,8}) sshlib: MOVEit DMZ SSH (.*)$">
     <description>MOVEit DMZ (which uses Bitvise sshlib)</description>
     <param pos="1" name="service.component.version"/>
     <param pos="2" name="service.version"/>
@@ -1776,13 +1867,14 @@
     <param pos="0" name="service.vendor" value="Standard Networks"/>
     <param pos="0" name="service.family" value="MOVEit DMZ"/>
     <param pos="0" name="service.product" value="MOVEit DMZ"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:moveit_dmz:{service.version}"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.product" value="Windows"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
 
-  <fingerprint pattern="^paramiko_([\d\.]+).*$">
+  <fingerprint pattern="^paramiko_([\d\.]+)">
     <description>Paramiko</description>
     <example service.version="2.1.3">paramiko_2.1.3 501 command not implemented ERROR</example>
     <example service.version="2.1.4">paramiko_2.1.4</example>
@@ -1848,8 +1940,9 @@
     <param pos="0" name="service.cpe23" value="cpe:/a:vandyke:vshell:{service.version}"/>
   </fingerprint>
 
-  <fingerprint pattern="^([\s]*)\s*VShell$">
+  <fingerprint pattern="^([\d.]{0,8})\s{1,8}VShell$">
     <description>VanDyke VShell</description>
+    <example service.version="1.0.2">1.0.2 VShell</example>
     <param pos="1" name="service.version"/>
     <param pos="0" name="service.vendor" value="VanDyke Software"/>
     <param pos="0" name="service.family" value="VShell"/>
@@ -1864,10 +1957,11 @@
     <param pos="1" name="service.version"/>
     <param pos="0" name="service.vendor" value="Attachmate"/>
     <param pos="0" name="service.family" value="Reflection"/>
-    <param pos="0" name="service.product" value="Reflection"/>
+    <param pos="0" name="service.product" value="Reflection for Secure IT"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:attachmate:reflection_for_secure_it:{service.version}"/>
   </fingerprint>
 
-  <fingerprint pattern="^([^\s]*)\s*F-Secure SSH\s*(?:.*)$">
+  <fingerprint pattern="^(\S{0,256})\s{0,256}F-Secure SSH ">
     <description>Attachmate Reflection (formerly F-Secure SSH)</description>
     <example service.version="3.2.3">3.2.3 F-Secure SSH Windows NT Server</example>
     <param pos="1" name="service.version"/>
@@ -1876,16 +1970,17 @@
     <param pos="0" name="service.product" value="Reflection"/>
   </fingerprint>
 
-  <fingerprint pattern="^([^\s]*)\s*SSH Tectia Server$">
+  <fingerprint pattern="^(\S{0,256})\s{0,256}SSH Tectia Server$">
     <description>SSH Communications Security Tectia Server - branded</description>
     <example service.version="6.4.12.353">6.4.12.353 SSH Tectia Server</example>
     <param pos="1" name="service.version"/>
     <param pos="0" name="service.vendor" value="SSH Communications Security"/>
     <param pos="0" name="service.family" value="SSH Tectia Server"/>
     <param pos="0" name="service.product" value="SSH Tectia Server"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:ssh:tectia_server:{service.version}"/>
   </fingerprint>
 
-  <fingerprint pattern="^([0-9\.]+) SSH Secure Shell(?: \(non-commercial\))?$">
+  <fingerprint pattern="^([0-9\.]{1,8}) SSH Secure Shell(?: \(non-commercial\))?$">
     <description>SSH Communications Security Tectia Server</description>
     <example service.version="3.2.9.1">3.2.9.1 SSH Secure Shell (non-commercial)</example>
     <example service.version="4.0.3">4.0.3 SSH Secure Shell</example>
@@ -1894,9 +1989,10 @@
     <param pos="0" name="service.vendor" value="SSH Communications Security"/>
     <param pos="0" name="service.family" value="SSH Tectia Server"/>
     <param pos="0" name="service.product" value="SSH Tectia Server"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:ssh:tectia_server:{service.version}"/>
   </fingerprint>
 
-  <fingerprint pattern="^([0-9\.]+) SSH Secure Shell Windows NT Server$">
+  <fingerprint pattern="^([0-9\.]{1,8}) SSH Secure Shell Windows NT Server$">
     <description>Unknown Windows SSH server</description>
     <example service.version="4.0.3">4.0.3 SSH Secure Shell Windows NT Server</example>
     <param pos="0" name="os.vendor" value="Microsoft"/>
@@ -1907,6 +2003,7 @@
     <param pos="0" name="service.vendor" value="SSH Communications Security"/>
     <param pos="0" name="service.family" value="SSH Tectia Server"/>
     <param pos="0" name="service.product" value="SSH Tectia Server"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:ssh:tectia_server:{service.version}"/>
   </fingerprint>
 
   <fingerprint pattern="^ARRIS_(.*)$">
@@ -1948,7 +2045,7 @@
     <param pos="0" name="os.product" value="NetVanta"/>
   </fingerprint>
 
-  <fingerprint pattern="^.*MultiNet.*$">
+  <fingerprint pattern="MultiNet">
     <description>Process Software MultiNet is a suite of network apps for OpenVMS</description>
     <param pos="0" name="service.vendor" value="Process Software"/>
     <param pos="0" name="service.family" value="MultiNet"/>
@@ -1994,6 +2091,7 @@
     <param pos="0" name="service.vendor" value="Standard Networks"/>
     <param pos="0" name="service.family" value="MOVEit DMZ"/>
     <param pos="0" name="service.product" value="MOVEit DMZ"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:moveit_dmz:-"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.product" value="Windows"/>
@@ -2019,7 +2117,12 @@
     <param pos="0" name="os.vendor" value="NetApp"/>
     <param pos="0" name="os.family" value="Data ONTAP"/>
     <param pos="0" name="os.product" value="Data ONTAP"/>
+    <param pos="0" name="os.device" value="NAS"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:-"/>
+    <param pos="0" name="hw.vendor" value="NetApp"/>
+    <param pos="0" name="hw.family" value="Data ONTAP"/>
+    <param pos="0" name="hw.product" value="Data ONTAP"/>
+    <param pos="0" name="hw.device" value="NAS"/>
   </fingerprint>
 
   <fingerprint pattern="^(\d\.\d+\.\d+) SSH Secure Shell OpenVMS V\d+\.\d+$">
@@ -2057,7 +2160,7 @@
     <param pos="0" name="os.certainty" value="0.75"/>
   </fingerprint>
 
-  <fingerprint pattern="^\S+ SSH Secure Shell Tru64 UNIX$">
+  <fingerprint pattern="^\S{1,16} SSH Secure Shell Tru64 UNIX$">
     <description>Digital/Compaq/HP Tru64 Unix</description>
     <example>3.2.0 SSH Secure Shell Tru64 UNIX</example>
     <param pos="0" name="os.vendor" value="HP"/>
@@ -2125,6 +2228,19 @@
     <param pos="0" name="service.product" value="WeOnlyDo SSH Server"/>
   </fingerprint>
 
+  <fingerprint pattern="^Zyxel SSH server$">
+    <description>Zyxel Firewall SSH service</description>
+    <example>Zyxel SSH server</example>
+    <param pos="0" name="service.vendor" value="Zyxel"/>
+    <param pos="0" name="service.family" value="Zywall"/>
+    <param pos="0" name="os.vendor" value="Zyxel"/>
+    <param pos="0" name="os.product" value="ZyNOS firmware"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:zyxel:zynos_firmware:-"/>
+    <param pos="0" name="hw.vendor" value="Zyxel"/>
+    <param pos="0" name="hw.device" value="Firewall"/>
+    <param pos="0" name="hw.family" value="Unified Security Gateway"/>
+  </fingerprint>
+
   <!--
 1.2.22j4rad
 2.40