recog 2.3.5 → 2.3.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (86) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +17 -5
  3. data/.ruby-gemset +1 -0
  4. data/.ruby-version +1 -0
  5. data/.travis.yml +7 -4
  6. data/CONTRIBUTING.md +136 -37
  7. data/Gemfile +2 -5
  8. data/README.md +34 -29
  9. data/bin/recog_cleanup +16 -0
  10. data/bin/recog_standardize +142 -0
  11. data/cpe-remap.yaml +21 -0
  12. data/features/data/successful_tests.xml +1 -1
  13. data/features/data/tests_with_warnings.xml +1 -1
  14. data/features/match.feature +4 -0
  15. data/features/support/aruba.rb +3 -0
  16. data/features/verify.feature +8 -4
  17. data/identifiers/README.md +56 -0
  18. data/identifiers/hw_device.txt +77 -0
  19. data/identifiers/hw_family.txt +96 -0
  20. data/identifiers/hw_product.txt +328 -0
  21. data/identifiers/os_architecture.txt +20 -0
  22. data/identifiers/os_device.txt +94 -0
  23. data/identifiers/os_family.txt +325 -0
  24. data/identifiers/os_product.txt +420 -0
  25. data/identifiers/service_family.txt +272 -0
  26. data/identifiers/service_product.txt +556 -0
  27. data/identifiers/software_class.txt +26 -0
  28. data/identifiers/software_family.txt +91 -0
  29. data/identifiers/software_product.txt +333 -0
  30. data/identifiers/vendor.txt +890 -0
  31. data/lib/recog/fingerprint.rb +46 -0
  32. data/lib/recog/version.rb +1 -1
  33. data/requirements.txt +1 -1
  34. data/spec/data/verification_fingerprints.xml +86 -0
  35. data/spec/lib/fingerprint_self_test_spec.rb +1 -1
  36. data/spec/lib/recog/fingerprint/regexp_factory_spec.rb +1 -1
  37. data/spec/lib/recog/fingerprint_spec.rb +89 -0
  38. data/update_cpes.py +1 -1
  39. data/xml/apache_modules.xml +292 -5
  40. data/xml/apache_os.xml +50 -2
  41. data/xml/architecture.xml +19 -7
  42. data/xml/dns_versionbind.xml +113 -11
  43. data/xml/favicons.xml +1700 -0
  44. data/xml/ftp_banners.xml +287 -15
  45. data/xml/h323_callresp.xml +112 -12
  46. data/xml/hp_pjl_id.xml +47 -5
  47. data/xml/html_title.xml +2371 -17
  48. data/xml/http_cookies.xml +82 -7
  49. data/xml/http_servers.xml +839 -41
  50. data/xml/http_wwwauth.xml +154 -27
  51. data/xml/imap_banners.xml +19 -13
  52. data/xml/ldap_searchresult.xml +81 -9
  53. data/xml/mdns_device-info_txt.xml +194 -17
  54. data/xml/mdns_workstation_txt.xml +4 -2
  55. data/xml/mysql_banners.xml +554 -45
  56. data/xml/mysql_error.xml +113 -6
  57. data/xml/nntp_banners.xml +10 -2
  58. data/xml/ntp_banners.xml +95 -11
  59. data/xml/operating_system.xml +90 -3
  60. data/xml/pop_banners.xml +30 -31
  61. data/xml/rsh_resp.xml +11 -2
  62. data/xml/rtsp_servers.xml +96 -0
  63. data/xml/sip_banners.xml +192 -17
  64. data/xml/sip_user_agents.xml +69 -3
  65. data/xml/smb_native_lm.xml +10 -2
  66. data/xml/smb_native_os.xml +80 -2
  67. data/xml/smtp_banners.xml +166 -9
  68. data/xml/smtp_debug.xml +6 -4
  69. data/xml/smtp_ehlo.xml +7 -5
  70. data/xml/smtp_expn.xml +13 -4
  71. data/xml/smtp_help.xml +23 -4
  72. data/xml/smtp_mailfrom.xml +5 -2
  73. data/xml/smtp_noop.xml +6 -5
  74. data/xml/smtp_quit.xml +5 -4
  75. data/xml/smtp_rcptto.xml +5 -2
  76. data/xml/smtp_rset.xml +4 -4
  77. data/xml/smtp_turn.xml +4 -4
  78. data/xml/smtp_vrfy.xml +14 -4
  79. data/xml/snmp_sysdescr.xml +862 -122
  80. data/xml/snmp_sysobjid.xml +47 -2
  81. data/xml/ssh_banners.xml +1153 -192
  82. data/xml/telnet_banners.xml +419 -14
  83. data/xml/x11_banners.xml +27 -4
  84. data/xml/x509_issuers.xml +39 -15
  85. data/xml/x509_subjects.xml +545 -64
  86. metadata +32 -6
data/xml/snmp_sysobjid.xml CHANGED
@@ -1,15 +1,18 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="snmp.sys_object_id" protocol="snmp" database_type="service">
3
3
  <!--
4
4
  SNMP fingerprint definitions for SysObjectIDs. These are matched against the value of the
5
5
  'sysObjectID' (OID 1.3.6.1.2.1.1.2) variable.
6
6
  -->
7
+
7
8
  <!--======================================================================
8
9
  MICROSOFT
9
10
  =======================================================================-->
11
+
10
12
  <!--
11
13
  These are baseline patterns that map to sysObjectID with their associated sysDescr.
12
14
  -->
15
+
13
16
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.[23] Hardware: x86.*Software: Windows NT Version 4\.0.*$">
14
17
  <description>Windows NT 4 on x86</description>
15
18
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 6 Model 8 Stepping 3 AT/AT COMPATIBLE - Software: Windows NT Version 4.0 (Build Number: 1381 Uniprocessor Free )</example>
@@ -21,6 +24,7 @@
21
24
  <param pos="0" name="os.arch" value="x86"/>
22
25
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_nt:4.0"/>
23
26
  </fingerprint>
27
+
24
28
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows 2000 Version 5\.0.*$">
25
29
  <description>Windows 2000 on x86</description>
26
30
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 4 Stepping 8 AT/AT COMPATIBLE - Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)</example>
@@ -30,6 +34,7 @@
30
34
  <param pos="0" name="os.arch" value="x86"/>
31
35
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
32
36
  </fingerprint>
37
+
33
38
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows 2000 Version 5\.0.*$">
34
39
  <description>Windows 2000 Datacenter on x86</description>
35
40
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 4 Stepping 8 AT/AT COMPATIBLE - Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)</example>
@@ -39,6 +44,7 @@
39
44
  <param pos="0" name="os.arch" value="x86"/>
40
45
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
41
46
  </fingerprint>
47
+
42
48
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 5\.2.*$">
43
49
  <description>Windows Server 2003 on x86</description>
44
50
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -48,6 +54,7 @@
48
54
  <param pos="0" name="os.arch" value="x86"/>
49
55
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
50
56
  </fingerprint>
57
+
51
58
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 5\.2.*$">
52
59
  <description>Windows Server 2003 Datacenter on x86</description>
53
60
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -57,6 +64,7 @@
57
64
  <param pos="0" name="os.arch" value="x86"/>
58
65
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
59
66
  </fingerprint>
67
+
60
68
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 5\.2.*$">
61
69
  <description>Windows Server 2003 on x86_64</description>
62
70
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -67,6 +75,7 @@
67
75
  <param pos="0" name="os.arch" value="x86_64"/>
68
76
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
69
77
  </fingerprint>
78
+
70
79
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 5\.2.*$">
71
80
  <description>Windows Server 2003 Datacenter on x86_64</description>
72
81
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -77,6 +86,7 @@
77
86
  <param pos="0" name="os.arch" value="x86_64"/>
78
87
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
79
88
  </fingerprint>
89
+
80
90
  <fingerprint pattern="^Microsoft Windows CE Version ([\d.]+).*$">
81
91
  <description>Windows CE</description>
82
92
  <example>Microsoft Windows CE Version 4.20 (Build 0)</example>
@@ -87,6 +97,7 @@
87
97
  <param pos="1" name="os.version"/>
88
98
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:{os.version}"/>
89
99
  </fingerprint>
100
+
90
101
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6001.*$">
91
102
  <description>Windows Server 2008 on x86</description>
92
103
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -96,6 +107,7 @@
96
107
  <param pos="0" name="os.arch" value="x86"/>
97
108
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
98
109
  </fingerprint>
110
+
99
111
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6001.*$">
100
112
  <description>Windows Server 2008 Datacenter on x86</description>
101
113
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -105,6 +117,7 @@
105
117
  <param pos="0" name="os.arch" value="x86"/>
106
118
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
107
119
  </fingerprint>
120
+
108
121
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6001.*$">
109
122
  <description>Windows Server 2008 on x86_64</description>
110
123
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -115,6 +128,7 @@
115
128
  <param pos="0" name="os.arch" value="x86_64"/>
116
129
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
117
130
  </fingerprint>
131
+
118
132
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6001.*$">
119
133
  <description>Windows Server 2008 Datacenter on x86_64</description>
120
134
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -125,6 +139,7 @@
125
139
  <param pos="0" name="os.arch" value="x86_64"/>
126
140
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
127
141
  </fingerprint>
142
+
128
143
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6002.*$">
129
144
  <description>Windows Server 2008 SP2 on x86</description>
130
145
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -135,6 +150,7 @@
135
150
  <param pos="0" name="os.arch" value="x86"/>
136
151
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
137
152
  </fingerprint>
153
+
138
154
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6002.*$">
139
155
  <description>Windows Server 2008 Datacenter SP2 on x86</description>
140
156
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -145,6 +161,7 @@
145
161
  <param pos="0" name="os.arch" value="x86"/>
146
162
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
147
163
  </fingerprint>
164
+
148
165
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6002.*$">
149
166
  <description>Windows Server 2008 SP2 on x86_64</description>
150
167
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -156,6 +173,7 @@
156
173
  <param pos="0" name="os.arch" value="x86_64"/>
157
174
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
158
175
  </fingerprint>
176
+
159
177
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6002.*$">
160
178
  <description>Windows Server 2008 Datacenter SP2 on x86_64</description>
161
179
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -167,6 +185,7 @@
167
185
  <param pos="0" name="os.arch" value="x86_64"/>
168
186
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
169
187
  </fingerprint>
188
+
170
189
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7600.*$">
171
190
  <description>Windows Server 2008 R2 on x86</description>
172
191
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -176,6 +195,7 @@
176
195
  <param pos="0" name="os.arch" value="x86"/>
177
196
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
178
197
  </fingerprint>
198
+
179
199
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7600.*$">
180
200
  <description>Windows Server 2008 Datacenter R2 on x86</description>
181
201
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -185,6 +205,7 @@
185
205
  <param pos="0" name="os.arch" value="x86"/>
186
206
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
187
207
  </fingerprint>
208
+
188
209
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7600.*$">
189
210
  <description>Windows Server 2008 R2 on x86_64</description>
190
211
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -195,6 +216,7 @@
195
216
  <param pos="0" name="os.arch" value="x86_64"/>
196
217
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
197
218
  </fingerprint>
219
+
198
220
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7600.*$">
199
221
  <description>Windows Server 2008 Datacenter R2 on x86_64</description>
200
222
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -205,6 +227,7 @@
205
227
  <param pos="0" name="os.arch" value="x86_64"/>
206
228
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
207
229
  </fingerprint>
230
+
208
231
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7601.*$">
209
232
  <description>Windows Server 2008 R2 SP1 on x86</description>
210
233
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -215,6 +238,7 @@
215
238
  <param pos="0" name="os.arch" value="x86"/>
216
239
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
217
240
  </fingerprint>
241
+
218
242
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7601.*$">
219
243
  <description>Windows Server 2008 Datacenter R2 SP1 on x86</description>
220
244
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -225,6 +249,7 @@
225
249
  <param pos="0" name="os.arch" value="x86"/>
226
250
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
227
251
  </fingerprint>
252
+
228
253
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7601.*$">
229
254
  <description>Windows Server 2008 R2 SP1 on x86_64</description>
230
255
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -236,6 +261,7 @@
236
261
  <param pos="0" name="os.arch" value="x86_64"/>
237
262
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
238
263
  </fingerprint>
264
+
239
265
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7601.*$">
240
266
  <description>Windows Server 2008 Datacenter R2 SP1 on x86_64</description>
241
267
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -247,6 +273,7 @@
247
273
  <param pos="0" name="os.arch" value="x86_64"/>
248
274
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
249
275
  </fingerprint>
276
+
250
277
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.2 \(Build 9200.*$">
251
278
  <description>Windows Server 2012 on x86_64</description>
252
279
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 6 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.2 (Build 9200 Multiprocessor Free)</example>
@@ -256,7 +283,9 @@
256
283
  <param pos="0" name="os.arch" value="x86_64"/>
257
284
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
258
285
  </fingerprint>
286
+
259
287
  <!-- Various OIDs for Net-SNMP agents which are OS specific -->
288
+
260
289
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.1$">
261
290
  <description>Net-SNMP on hpux9</description>
262
291
  <example>1.3.6.1.4.1.8072.3.2.1</example>
@@ -269,6 +298,7 @@
269
298
  <param pos="0" name="service.product" value="SNMP Agent"/>
270
299
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
271
300
  </fingerprint>
301
+
272
302
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.2$">
273
303
  <description>Net-SNMP on sunos4</description>
274
304
  <example>1.3.6.1.4.1.8072.3.2.2</example>
@@ -280,6 +310,7 @@
280
310
  <param pos="0" name="service.product" value="SNMP Agent"/>
281
311
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
282
312
  </fingerprint>
313
+
283
314
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.3$">
284
315
  <description>Net-SNMP on solaris</description>
285
316
  <example>1.3.6.1.4.1.8072.3.2.3</example>
@@ -291,6 +322,7 @@
291
322
  <param pos="0" name="service.product" value="SNMP Agent"/>
292
323
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
293
324
  </fingerprint>
325
+
294
326
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.4$">
295
327
  <description>Net-SNMP on osf</description>
296
328
  <example>1.3.6.1.4.1.8072.3.2.4</example>
@@ -300,6 +332,7 @@
300
332
  <param pos="0" name="service.product" value="SNMP Agent"/>
301
333
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
302
334
  </fingerprint>
335
+
303
336
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.5$">
304
337
  <description>Net-SNMP on ultrix</description>
305
338
  <example>1.3.6.1.4.1.8072.3.2.5</example>
@@ -309,6 +342,7 @@
309
342
  <param pos="0" name="service.product" value="SNMP Agent"/>
310
343
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
311
344
  </fingerprint>
345
+
312
346
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.6$">
313
347
  <description>Net-SNMP on hpux10</description>
314
348
  <example>1.3.6.1.4.1.8072.3.2.6</example>
@@ -321,6 +355,7 @@
321
355
  <param pos="0" name="service.product" value="SNMP Agent"/>
322
356
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
323
357
  </fingerprint>
358
+
324
359
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.7$">
325
360
  <description>Net-SNMP on netbsd</description>
326
361
  <example>1.3.6.1.4.1.8072.3.2.7</example>
@@ -332,6 +367,7 @@
332
367
  <param pos="0" name="service.product" value="SNMP Agent"/>
333
368
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
334
369
  </fingerprint>
370
+
335
371
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.8$">
336
372
  <description>Net-SNMP on freebsd</description>
337
373
  <example>1.3.6.1.4.1.8072.3.2.8</example>
@@ -343,6 +379,7 @@
343
379
  <param pos="0" name="service.product" value="SNMP Agent"/>
344
380
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
345
381
  </fingerprint>
382
+
346
383
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.9$">
347
384
  <description>Net-SNMP on irix</description>
348
385
  <example>1.3.6.1.4.1.8072.3.2.9</example>
@@ -354,6 +391,7 @@
354
391
  <param pos="0" name="service.product" value="SNMP Agent"/>
355
392
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
356
393
  </fingerprint>
394
+
357
395
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.10$">
358
396
  <description>Net-SNMP on linux</description>
359
397
  <example>1.3.6.1.4.1.8072.3.2.10</example>
@@ -363,6 +401,7 @@
363
401
  <param pos="0" name="service.product" value="SNMP Agent"/>
364
402
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
365
403
  </fingerprint>
404
+
366
405
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.11$">
367
406
  <description>Net-SNMP on bsdi</description>
368
407
  <example>1.3.6.1.4.1.8072.3.2.11</example>
@@ -372,6 +411,7 @@
372
411
  <param pos="0" name="service.product" value="SNMP Agent"/>
373
412
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
374
413
  </fingerprint>
414
+
375
415
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.12$">
376
416
  <description>Net-SNMP on openbsd</description>
377
417
  <example>1.3.6.1.4.1.8072.3.2.12</example>
@@ -383,6 +423,7 @@
383
423
  <param pos="0" name="service.product" value="SNMP Agent"/>
384
424
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
385
425
  </fingerprint>
426
+
386
427
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.13$">
387
428
  <description>Net-SNMP on win32</description>
388
429
  <example>1.3.6.1.4.1.8072.3.2.13</example>
@@ -394,6 +435,7 @@
394
435
  <param pos="0" name="service.product" value="SNMP Agent"/>
395
436
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
396
437
  </fingerprint>
438
+
397
439
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.14$">
398
440
  <description>Net-SNMP on hpux11</description>
399
441
  <example>1.3.6.1.4.1.8072.3.2.14</example>
@@ -406,6 +448,7 @@
406
448
  <param pos="0" name="service.product" value="SNMP Agent"/>
407
449
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
408
450
  </fingerprint>
451
+
409
452
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.15$">
410
453
  <description>Net-SNMP on aix</description>
411
454
  <example>1.3.6.1.4.1.8072.3.2.15</example>
@@ -417,6 +460,7 @@
417
460
  <param pos="0" name="service.product" value="SNMP Agent"/>
418
461
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
419
462
  </fingerprint>
463
+
420
464
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.16$">
421
465
  <description>Net-SNMP on macosx</description>
422
466
  <example>1.3.6.1.4.1.8072.3.2.16</example>
@@ -427,4 +471,5 @@
427
471
  <param pos="0" name="service.product" value="SNMP Agent"/>
428
472
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
429
473
  </fingerprint>
430
- </fingerprints>
474
+
475
+ </fingerprints>
data/xml/ssh_banners.xml CHANGED
@@ -1,15 +1,17 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="ssh.banner" protocol="ssh" database_type="service" preference="0.90">
3
3
  <!--
4
4
  SSH "software revision and comment" strings (official RFC nomenclature for the part of
5
5
  the identification string after "SSH-x.x-") are matched against these patterns to
6
6
  fingerprint SSH servers.
7
7
  -->
8
+
8
9
  <fingerprint pattern="^ArrayOS$">
9
10
  <description>Array Networks device</description>
10
11
  <example>ArrayOS</example>
11
12
  <param pos="0" name="service.vendor" value="Array Networks"/>
12
13
  </fingerprint>
14
+
13
15
  <fingerprint pattern="^RomSShell_([\d\.]+)$">
14
16
  <description>Allegro RomSShell SSH</description>
15
17
  <example service.version="4.62">RomSShell_4.62</example>
@@ -17,14 +19,16 @@
17
19
  <param pos="0" name="service.product" value="RomSShell"/>
18
20
  <param pos="1" name="service.version"/>
19
21
  </fingerprint>
22
+
20
23
  <fingerprint pattern="(?i)^DraySSH_\S+$">
21
24
  <description>DrayTek generic</description>
22
25
  <example>DraySSH_2.0</example>
23
26
  <param pos="0" name="hw.vendor" value="DrayTek"/>
24
27
  </fingerprint>
28
+
25
29
  <fingerprint pattern="^mpSSH_([\d\.]+)$">
26
30
  <description>HP Integrated Lights Out (iLO) usually bundled with HP servers</description>
27
- <example>mpSSH_0.0.1</example>
31
+ <example service.version="0.0.1">mpSSH_0.0.1</example>
28
32
  <param pos="0" name="service.vendor" value="HP"/>
29
33
  <param pos="0" name="service.product" value="iLO"/>
30
34
  <param pos="0" name="service.family" value="iLO"/>
@@ -36,6 +40,7 @@
36
40
  <param pos="0" name="os.family" value="iLO"/>
37
41
  <param pos="0" name="os.device" value="Lights Out Management"/>
38
42
  </fingerprint>
43
+
39
44
  <fingerprint pattern="^Serv-U_([\d\.]+)$">
40
45
  <description>Serv-U SSH</description>
41
46
  <example service.version="7.4.0.1">Serv-U_7.4.0.1</example>
@@ -43,6 +48,7 @@
43
48
  <param pos="0" name="service.product" value="Serv-U"/>
44
49
  <param pos="1" name="service.version"/>
45
50
  </fingerprint>
51
+
46
52
  <fingerprint pattern="WS_FTP-SSH_([\d\.]+)$">
47
53
  <description>WS_FTP Server with SSH</description>
48
54
  <example service.version="6.1.1">WS_FTP-SSH_6.1.1</example>
@@ -52,6 +58,7 @@
52
58
  <param pos="1" name="service.version"/>
53
59
  <param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:ws_ftp:{service.version}"/>
54
60
  </fingerprint>
61
+
55
62
  <fingerprint pattern="IPSSH[-_]([\d\.p]+).*$">
56
63
  <description>VxWorks with version information</description>
57
64
  <example os.version="6.9.0">IPSSH-6.9.0</example>
@@ -60,8 +67,427 @@
60
67
  <param pos="1" name="os.version"/>
61
68
  <param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:{os.version}"/>
62
69
  </fingerprint>
63
- <fingerprint pattern="^OpenSSH_([^\s]+)\s+(FreeBSD[ -].*)$">
64
- <description>OpenSSH running on FreeBSD</description>
70
+
71
+ <!-- FreeBSD -->
72
+
73
+ <fingerprint pattern="^OpenSSH_(2\.3\.0) (green@FreeBSD.org 20010321)$">
74
+ <description>OpenSSH running on FreeBSD 4.3</description>
75
+ <example service.version="2.3.0" openssh.comment="green@FreeBSD.org 20010321">OpenSSH_2.3.0 green@FreeBSD.org 20010321</example>
76
+ <param pos="1" name="service.version"/>
77
+ <param pos="2" name="openssh.comment"/>
78
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
79
+ <param pos="0" name="service.family" value="OpenSSH"/>
80
+ <param pos="0" name="service.product" value="OpenSSH"/>
81
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
82
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
83
+ <param pos="0" name="os.family" value="FreeBSD"/>
84
+ <param pos="0" name="os.product" value="FreeBSD"/>
85
+ <param pos="0" name="os.version" value="4.3"/>
86
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.3"/>
87
+ </fingerprint>
88
+
89
+ <fingerprint pattern="^OpenSSH_(2\.3\.0) (FreeBSD localisations 20010713)$">
90
+ <description>OpenSSH running on FreeBSD 4.4</description>
91
+ <example service.version="2.3.0" openssh.comment="FreeBSD localisations 20010713">OpenSSH_2.3.0 FreeBSD localisations 20010713</example>
92
+ <param pos="1" name="service.version"/>
93
+ <param pos="2" name="openssh.comment"/>
94
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
95
+ <param pos="0" name="service.family" value="OpenSSH"/>
96
+ <param pos="0" name="service.product" value="OpenSSH"/>
97
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
98
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
99
+ <param pos="0" name="os.family" value="FreeBSD"/>
100
+ <param pos="0" name="os.product" value="FreeBSD"/>
101
+ <param pos="0" name="os.version" value="4.4"/>
102
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.4"/>
103
+ </fingerprint>
104
+
105
+ <fingerprint pattern="^OpenSSH_(2\.9) (FreeBSD localisations 20011202)$">
106
+ <description>OpenSSH running on FreeBSD 4.5</description>
107
+ <example service.version="2.9" openssh.comment="FreeBSD localisations 20011202">OpenSSH_2.9 FreeBSD localisations 20011202</example>
108
+ <param pos="1" name="service.version"/>
109
+ <param pos="2" name="openssh.comment"/>
110
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
111
+ <param pos="0" name="service.family" value="OpenSSH"/>
112
+ <param pos="0" name="service.product" value="OpenSSH"/>
113
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
114
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
115
+ <param pos="0" name="os.family" value="FreeBSD"/>
116
+ <param pos="0" name="os.product" value="FreeBSD"/>
117
+ <param pos="0" name="os.version" value="4.5"/>
118
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.5"/>
119
+ </fingerprint>
120
+
121
+ <fingerprint pattern="^OpenSSH_(3\.4p1) (FreeBSD 20020702)$">
122
+ <description>OpenSSH running on FreeBSD 4.6.2</description>
123
+ <example service.version="3.4p1" openssh.comment="FreeBSD 20020702">OpenSSH_3.4p1 FreeBSD 20020702</example>
124
+ <param pos="1" name="service.version"/>
125
+ <param pos="2" name="openssh.comment"/>
126
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
127
+ <param pos="0" name="service.family" value="OpenSSH"/>
128
+ <param pos="0" name="service.product" value="OpenSSH"/>
129
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
130
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
131
+ <param pos="0" name="os.family" value="FreeBSD"/>
132
+ <param pos="0" name="os.product" value="FreeBSD"/>
133
+ <param pos="0" name="os.version" value="4.6.2"/>
134
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.6.2"/>
135
+ </fingerprint>
136
+
137
+ <fingerprint pattern="^OpenSSH_(2\.9) (FreeBSD localisations 20020307)$">
138
+ <description>OpenSSH running on FreeBSD 4.6</description>
139
+ <example service.version="2.9" openssh.comment="FreeBSD localisations 20020307">OpenSSH_2.9 FreeBSD localisations 20020307</example>
140
+ <param pos="1" name="service.version"/>
141
+ <param pos="2" name="openssh.comment"/>
142
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
143
+ <param pos="0" name="service.family" value="OpenSSH"/>
144
+ <param pos="0" name="service.product" value="OpenSSH"/>
145
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
146
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
147
+ <param pos="0" name="os.family" value="FreeBSD"/>
148
+ <param pos="0" name="os.product" value="FreeBSD"/>
149
+ <param pos="0" name="os.version" value="4.6"/>
150
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.6"/>
151
+ </fingerprint>
152
+
153
+ <fingerprint pattern="^OpenSSH_(3\.4p1) (FreeBSD-20020702)$">
154
+ <description>OpenSSH running on FreeBSD 4.7</description>
155
+ <example service.version="3.4p1" openssh.comment="FreeBSD-20020702">OpenSSH_3.4p1 FreeBSD-20020702</example>
156
+ <param pos="1" name="service.version"/>
157
+ <param pos="2" name="openssh.comment"/>
158
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
159
+ <param pos="0" name="service.family" value="OpenSSH"/>
160
+ <param pos="0" name="service.product" value="OpenSSH"/>
161
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
162
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
163
+ <param pos="0" name="os.family" value="FreeBSD"/>
164
+ <param pos="0" name="os.product" value="FreeBSD"/>
165
+ <param pos="0" name="os.version" value="4.7"/>
166
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.7"/>
167
+ </fingerprint>
168
+
169
+ <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20030201)$">
170
+ <description>OpenSSH running on FreeBSD 4.8</description>
171
+ <example service.version="3.5p1" openssh.comment="FreeBSD-20030201">OpenSSH_3.5p1 FreeBSD-20030201</example>
172
+ <param pos="1" name="service.version"/>
173
+ <param pos="2" name="openssh.comment"/>
174
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
175
+ <param pos="0" name="service.family" value="OpenSSH"/>
176
+ <param pos="0" name="service.product" value="OpenSSH"/>
177
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
178
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
179
+ <param pos="0" name="os.family" value="FreeBSD"/>
180
+ <param pos="0" name="os.product" value="FreeBSD"/>
181
+ <param pos="0" name="os.version" value="4.8"/>
182
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.8"/>
183
+ </fingerprint>
184
+
185
+ <!-- Multiple minor version match, assert the oldest version -->
186
+
187
+ <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20030924)$">
188
+ <description>OpenSSH running on FreeBSD 4.9/4.10 (sometimes 4.11)</description>
189
+ <example service.version="3.5p1" openssh.comment="FreeBSD-20030924">OpenSSH_3.5p1 FreeBSD-20030924</example>
190
+ <param pos="1" name="service.version"/>
191
+ <param pos="2" name="openssh.comment"/>
192
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
193
+ <param pos="0" name="service.family" value="OpenSSH"/>
194
+ <param pos="0" name="service.product" value="OpenSSH"/>
195
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
196
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
197
+ <param pos="0" name="os.family" value="FreeBSD"/>
198
+ <param pos="0" name="os.product" value="FreeBSD"/>
199
+ <param pos="0" name="os.version" value="4.9"/>
200
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.9"/>
201
+ </fingerprint>
202
+
203
+ <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20060930)$">
204
+ <description>OpenSSH running on FreeBSD 4.11</description>
205
+ <example service.version="3.5p1" openssh.comment="FreeBSD-20060930">OpenSSH_3.5p1 FreeBSD-20060930</example>
206
+ <param pos="1" name="service.version"/>
207
+ <param pos="2" name="openssh.comment"/>
208
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
209
+ <param pos="0" name="service.family" value="OpenSSH"/>
210
+ <param pos="0" name="service.product" value="OpenSSH"/>
211
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
212
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
213
+ <param pos="0" name="os.family" value="FreeBSD"/>
214
+ <param pos="0" name="os.product" value="FreeBSD"/>
215
+ <param pos="0" name="os.version" value="4.11"/>
216
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.11"/>
217
+ </fingerprint>
218
+
219
+ <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20021029)$">
220
+ <description>OpenSSH running on FreeBSD 5.0</description>
221
+ <example service.version="3.5p1" openssh.comment="FreeBSD-20021029">OpenSSH_3.5p1 FreeBSD-20021029</example>
222
+ <param pos="1" name="service.version"/>
223
+ <param pos="2" name="openssh.comment"/>
224
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
225
+ <param pos="0" name="service.family" value="OpenSSH"/>
226
+ <param pos="0" name="service.product" value="OpenSSH"/>
227
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
228
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
229
+ <param pos="0" name="os.family" value="FreeBSD"/>
230
+ <param pos="0" name="os.product" value="FreeBSD"/>
231
+ <param pos="0" name="os.version" value="5.0"/>
232
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.0"/>
233
+ </fingerprint>
234
+
235
+ <fingerprint pattern="^OpenSSH_(3\.6\.1p1) (FreeBSD-20030423)$">
236
+ <description>OpenSSH running on FreeBSD 5.1</description>
237
+ <example service.version="3.6.1p1" openssh.comment="FreeBSD-20030423">OpenSSH_3.6.1p1 FreeBSD-20030423</example>
238
+ <param pos="1" name="service.version"/>
239
+ <param pos="2" name="openssh.comment"/>
240
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
241
+ <param pos="0" name="service.family" value="OpenSSH"/>
242
+ <param pos="0" name="service.product" value="OpenSSH"/>
243
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
244
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
245
+ <param pos="0" name="os.family" value="FreeBSD"/>
246
+ <param pos="0" name="os.product" value="FreeBSD"/>
247
+ <param pos="0" name="os.version" value="5.1"/>
248
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.1"/>
249
+ </fingerprint>
250
+
251
+ <fingerprint pattern="^OpenSSH_(3\.6\.1p1) (FreeBSD-20030924)$">
252
+ <description>OpenSSH running on FreeBSD 5.2</description>
253
+ <example service.version="3.6.1p1" openssh.comment="FreeBSD-20030924">OpenSSH_3.6.1p1 FreeBSD-20030924</example>
254
+ <param pos="1" name="service.version"/>
255
+ <param pos="2" name="openssh.comment"/>
256
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
257
+ <param pos="0" name="service.family" value="OpenSSH"/>
258
+ <param pos="0" name="service.product" value="OpenSSH"/>
259
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
260
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
261
+ <param pos="0" name="os.family" value="FreeBSD"/>
262
+ <param pos="0" name="os.product" value="FreeBSD"/>
263
+ <param pos="0" name="os.version" value="5.2"/>
264
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.2"/>
265
+ </fingerprint>
266
+
267
+ <!-- Multiple minor version match, assert the oldest version -->
268
+
269
+ <fingerprint pattern="^OpenSSH_(3\.8\.1p1) (FreeBSD-20040419)$">
270
+ <description>OpenSSH running on FreeBSD 5.3/5.4</description>
271
+ <example service.version="3.8.1p1" openssh.comment="FreeBSD-20040419">OpenSSH_3.8.1p1 FreeBSD-20040419</example>
272
+ <param pos="1" name="service.version"/>
273
+ <param pos="2" name="openssh.comment"/>
274
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
275
+ <param pos="0" name="service.family" value="OpenSSH"/>
276
+ <param pos="0" name="service.product" value="OpenSSH"/>
277
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
278
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
279
+ <param pos="0" name="os.family" value="FreeBSD"/>
280
+ <param pos="0" name="os.product" value="FreeBSD"/>
281
+ <param pos="0" name="os.version" value="5.3"/>
282
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.3"/>
283
+ </fingerprint>
284
+
285
+ <fingerprint pattern="^OpenSSH_(3\.8\.1p1) (FreeBSD-20060123)$">
286
+ <description>OpenSSH running on FreeBSD 5.5</description>
287
+ <example service.version="3.8.1p1" openssh.comment="FreeBSD-20060123">OpenSSH_3.8.1p1 FreeBSD-20060123</example>
288
+ <param pos="1" name="service.version"/>
289
+ <param pos="2" name="openssh.comment"/>
290
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
291
+ <param pos="0" name="service.family" value="OpenSSH"/>
292
+ <param pos="0" name="service.product" value="OpenSSH"/>
293
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
294
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
295
+ <param pos="0" name="os.family" value="FreeBSD"/>
296
+ <param pos="0" name="os.product" value="FreeBSD"/>
297
+ <param pos="0" name="os.version" value="5.5"/>
298
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.5"/>
299
+ </fingerprint>
300
+
301
+ <!-- Multiple minor version match, assert the oldest version -->
302
+
303
+ <fingerprint pattern="^OpenSSH_(4\.2p1) (FreeBSD-20050903)$">
304
+ <description>OpenSSH running on FreeBSD 6.0/6.1</description>
305
+ <example service.version="4.2p1" openssh.comment="FreeBSD-20050903">OpenSSH_4.2p1 FreeBSD-20050903</example>
306
+ <param pos="1" name="service.version"/>
307
+ <param pos="2" name="openssh.comment"/>
308
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
309
+ <param pos="0" name="service.family" value="OpenSSH"/>
310
+ <param pos="0" name="service.product" value="OpenSSH"/>
311
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
312
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
313
+ <param pos="0" name="os.family" value="FreeBSD"/>
314
+ <param pos="0" name="os.product" value="FreeBSD"/>
315
+ <param pos="0" name="os.version" value="6.0"/>
316
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:6.0"/>
317
+ </fingerprint>
318
+
319
+ <!-- Spans major versions, do not assert a version number -->
320
+
321
+ <fingerprint pattern="^OpenSSH_(4\.5p1) (FreeBSD-20061110)$">
322
+ <description>OpenSSH running on FreeBSD 6.2/6.3/6.4/7.0</description>
323
+ <example service.version="4.5p1" openssh.comment="FreeBSD-20061110">OpenSSH_4.5p1 FreeBSD-20061110</example>
324
+ <param pos="1" name="service.version"/>
325
+ <param pos="2" name="openssh.comment"/>
326
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
327
+ <param pos="0" name="service.family" value="OpenSSH"/>
328
+ <param pos="0" name="service.product" value="OpenSSH"/>
329
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
330
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
331
+ <param pos="0" name="os.family" value="FreeBSD"/>
332
+ <param pos="0" name="os.product" value="FreeBSD"/>
333
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
334
+ </fingerprint>
335
+
336
+ <!-- Multiple minor version match, assert the oldest version -->
337
+
338
+ <fingerprint pattern="^OpenSSH_(5\.1p1) (FreeBSD-20080901)$">
339
+ <description>OpenSSH running on FreeBSD 7.1/7.2/7.3/7.4</description>
340
+ <example service.version="5.1p1" openssh.comment="FreeBSD-20080901">OpenSSH_5.1p1 FreeBSD-20080901</example>
341
+ <param pos="1" name="service.version"/>
342
+ <param pos="2" name="openssh.comment"/>
343
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
344
+ <param pos="0" name="service.family" value="OpenSSH"/>
345
+ <param pos="0" name="service.product" value="OpenSSH"/>
346
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
347
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
348
+ <param pos="0" name="os.family" value="FreeBSD"/>
349
+ <param pos="0" name="os.product" value="FreeBSD"/>
350
+ <param pos="0" name="os.version" value="7.1"/>
351
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:7.1"/>
352
+ </fingerprint>
353
+
354
+ <fingerprint pattern="^OpenSSH_(5\.2p1) (FreeBSD-20090522)$">
355
+ <description>OpenSSH running on FreeBSD 8.0</description>
356
+ <example service.version="5.2p1" openssh.comment="FreeBSD-20090522">OpenSSH_5.2p1 FreeBSD-20090522</example>
357
+ <param pos="1" name="service.version"/>
358
+ <param pos="2" name="openssh.comment"/>
359
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
360
+ <param pos="0" name="service.family" value="OpenSSH"/>
361
+ <param pos="0" name="service.product" value="OpenSSH"/>
362
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
363
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
364
+ <param pos="0" name="os.family" value="FreeBSD"/>
365
+ <param pos="0" name="os.product" value="FreeBSD"/>
366
+ <param pos="0" name="os.version" value="8.0"/>
367
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.0"/>
368
+ </fingerprint>
369
+
370
+ <!-- Multiple minor version match, assert the oldest version -->
371
+
372
+ <fingerprint pattern="^OpenSSH_(5\.4p1) (FreeBSD-20100308)$">
373
+ <description>OpenSSH running on FreeBSD 8.1/8.2</description>
374
+ <example service.version="5.4p1" openssh.comment="FreeBSD-20100308">OpenSSH_5.4p1 FreeBSD-20100308</example>
375
+ <param pos="1" name="service.version"/>
376
+ <param pos="2" name="openssh.comment"/>
377
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
378
+ <param pos="0" name="service.family" value="OpenSSH"/>
379
+ <param pos="0" name="service.product" value="OpenSSH"/>
380
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
381
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
382
+ <param pos="0" name="os.family" value="FreeBSD"/>
383
+ <param pos="0" name="os.product" value="FreeBSD"/>
384
+ <param pos="0" name="os.version" value="8.1"/>
385
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.1"/>
386
+ </fingerprint>
387
+
388
+ <fingerprint pattern="^OpenSSH_(5\.4p1_hpn13v11) (FreeBSD-20100308)$">
389
+ <description>OpenSSH running on FreeBSD 8.3</description>
390
+ <example service.version="5.4p1_hpn13v11" openssh.comment="FreeBSD-20100308">OpenSSH_5.4p1_hpn13v11 FreeBSD-20100308</example>
391
+ <param pos="1" name="service.version"/>
392
+ <param pos="2" name="openssh.comment"/>
393
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
394
+ <param pos="0" name="service.family" value="OpenSSH"/>
395
+ <param pos="0" name="service.product" value="OpenSSH"/>
396
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
397
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
398
+ <param pos="0" name="os.family" value="FreeBSD"/>
399
+ <param pos="0" name="os.product" value="FreeBSD"/>
400
+ <param pos="0" name="os.version" value="8.3"/>
401
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.3"/>
402
+ </fingerprint>
403
+
404
+ <fingerprint pattern="^OpenSSH_(6\.1_hpn13v11) (FreeBSD-20120901)$">
405
+ <description>OpenSSH running on FreeBSD 8.4</description>
406
+ <example service.version="6.1_hpn13v11" openssh.comment="FreeBSD-20120901">OpenSSH_6.1_hpn13v11 FreeBSD-20120901</example>
407
+ <param pos="1" name="service.version"/>
408
+ <param pos="2" name="openssh.comment"/>
409
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
410
+ <param pos="0" name="service.family" value="OpenSSH"/>
411
+ <param pos="0" name="service.product" value="OpenSSH"/>
412
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
413
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
414
+ <param pos="0" name="os.family" value="FreeBSD"/>
415
+ <param pos="0" name="os.product" value="FreeBSD"/>
416
+ <param pos="0" name="os.version" value="8.4"/>
417
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.4"/>
418
+ </fingerprint>
419
+
420
+ <!-- Multiple minor version match, assert the oldest version -->
421
+
422
+ <fingerprint pattern="^OpenSSH_(5\.8p2_hpn13v11) (FreeBSD-20110503)$">
423
+ <description>OpenSSH running on FreeBSD 9.0/9.1</description>
424
+ <example service.version="5.8p2_hpn13v11" openssh.comment="FreeBSD-20110503">OpenSSH_5.8p2_hpn13v11 FreeBSD-20110503</example>
425
+ <param pos="1" name="service.version"/>
426
+ <param pos="2" name="openssh.comment"/>
427
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
428
+ <param pos="0" name="service.family" value="OpenSSH"/>
429
+ <param pos="0" name="service.product" value="OpenSSH"/>
430
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
431
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
432
+ <param pos="0" name="os.family" value="FreeBSD"/>
433
+ <param pos="0" name="os.product" value="FreeBSD"/>
434
+ <param pos="0" name="os.version" value="9.0"/>
435
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:9.0"/>
436
+ </fingerprint>
437
+
438
+ <fingerprint pattern="^OpenSSH_(6\.2_hpn13v11) (FreeBSD-20130515)$">
439
+ <description>OpenSSH running on FreeBSD 9.2</description>
440
+ <example service.version="6.2_hpn13v11" openssh.comment="FreeBSD-20130515">OpenSSH_6.2_hpn13v11 FreeBSD-20130515</example>
441
+ <param pos="1" name="service.version"/>
442
+ <param pos="2" name="openssh.comment"/>
443
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
444
+ <param pos="0" name="service.family" value="OpenSSH"/>
445
+ <param pos="0" name="service.product" value="OpenSSH"/>
446
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
447
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
448
+ <param pos="0" name="os.family" value="FreeBSD"/>
449
+ <param pos="0" name="os.product" value="FreeBSD"/>
450
+ <param pos="0" name="os.version" value="9.2"/>
451
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:9.2"/>
452
+ </fingerprint>
453
+
454
+ <!-- Spans major versions, do not assert a version number -->
455
+
456
+ <fingerprint pattern="^OpenSSH_(6\.6\.1_hpn13v11) (FreeBSD-20140420)$">
457
+ <description>OpenSSH running on FreeBSD 9.3/10.1/10.2</description>
458
+ <example service.version="6.6.1_hpn13v11" openssh.comment="FreeBSD-20140420">OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420</example>
459
+ <param pos="1" name="service.version"/>
460
+ <param pos="2" name="openssh.comment"/>
461
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
462
+ <param pos="0" name="service.family" value="OpenSSH"/>
463
+ <param pos="0" name="service.product" value="OpenSSH"/>
464
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
465
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
466
+ <param pos="0" name="os.family" value="FreeBSD"/>
467
+ <param pos="0" name="os.product" value="FreeBSD"/>
468
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
469
+ </fingerprint>
470
+
471
+ <fingerprint pattern="^OpenSSH_(6\.4_hpn13v11) (FreeBSD-20131111)$">
472
+ <description>OpenSSH running on FreeBSD 10.0</description>
473
+ <example service.version="6.4_hpn13v11" openssh.comment="FreeBSD-20131111">OpenSSH_6.4_hpn13v11 FreeBSD-20131111</example>
474
+ <param pos="1" name="service.version"/>
475
+ <param pos="2" name="openssh.comment"/>
476
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
477
+ <param pos="0" name="service.family" value="OpenSSH"/>
478
+ <param pos="0" name="service.product" value="OpenSSH"/>
479
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
480
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
481
+ <param pos="0" name="os.family" value="FreeBSD"/>
482
+ <param pos="0" name="os.product" value="FreeBSD"/>
483
+ <param pos="0" name="os.version" value="10.0"/>
484
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:10.0"/>
485
+ </fingerprint>
486
+
487
+ <!-- Spans major versions, do not assert a version number -->
488
+
489
+ <fingerprint pattern="^OpenSSH_(7\.2) (FreeBSD-20160310)$">
490
+ <description>OpenSSH running on FreeBSD 10.3/11.0</description>
65
491
  <example service.version="7.2" openssh.comment="FreeBSD-20160310">OpenSSH_7.2 FreeBSD-20160310</example>
66
492
  <param pos="1" name="service.version"/>
67
493
  <param pos="2" name="openssh.comment"/>
@@ -74,6 +500,90 @@
74
500
  <param pos="0" name="os.product" value="FreeBSD"/>
75
501
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
76
502
  </fingerprint>
503
+
504
+ <fingerprint pattern="^OpenSSH_(7\.3) (FreeBSD-20170902)$">
505
+ <description>OpenSSH running on FreeBSD 10.4</description>
506
+ <example service.version="7.3" openssh.comment="FreeBSD-20170902">OpenSSH_7.3 FreeBSD-20170902</example>
507
+ <param pos="1" name="service.version"/>
508
+ <param pos="2" name="openssh.comment"/>
509
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
510
+ <param pos="0" name="service.family" value="OpenSSH"/>
511
+ <param pos="0" name="service.product" value="OpenSSH"/>
512
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
513
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
514
+ <param pos="0" name="os.family" value="FreeBSD"/>
515
+ <param pos="0" name="os.product" value="FreeBSD"/>
516
+ <param pos="0" name="os.version" value="10.4"/>
517
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:10.4"/>
518
+ </fingerprint>
519
+
520
+ <fingerprint pattern="^OpenSSH_(7\.2) (FreeBSD-20161230)$">
521
+ <description>OpenSSH running on FreeBSD 11.1</description>
522
+ <example service.version="7.2" openssh.comment="FreeBSD-20161230">OpenSSH_7.2 FreeBSD-20161230</example>
523
+ <param pos="1" name="service.version"/>
524
+ <param pos="2" name="openssh.comment"/>
525
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
526
+ <param pos="0" name="service.family" value="OpenSSH"/>
527
+ <param pos="0" name="service.product" value="OpenSSH"/>
528
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
529
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
530
+ <param pos="0" name="os.family" value="FreeBSD"/>
531
+ <param pos="0" name="os.product" value="FreeBSD"/>
532
+ <param pos="0" name="os.version" value="11.1"/>
533
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:11.1"/>
534
+ </fingerprint>
535
+
536
+ <!-- Multiple minor version match, assert the oldest version -->
537
+
538
+ <fingerprint pattern="^OpenSSH_(7\.5) (FreeBSD-20170903)$">
539
+ <description>OpenSSH running on FreeBSD 11.2/11.3</description>
540
+ <example service.version="7.5" openssh.comment="FreeBSD-20170903">OpenSSH_7.5 FreeBSD-20170903</example>
541
+ <param pos="1" name="service.version"/>
542
+ <param pos="2" name="openssh.comment"/>
543
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
544
+ <param pos="0" name="service.family" value="OpenSSH"/>
545
+ <param pos="0" name="service.product" value="OpenSSH"/>
546
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
547
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
548
+ <param pos="0" name="os.family" value="FreeBSD"/>
549
+ <param pos="0" name="os.product" value="FreeBSD"/>
550
+ <param pos="0" name="os.version" value="11.2"/>
551
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:11.2"/>
552
+ </fingerprint>
553
+
554
+ <fingerprint pattern="^OpenSSH_(7\.8) (FreeBSD-20180909)$">
555
+ <description>OpenSSH running on FreeBSD 12.0</description>
556
+ <example service.version="7.8" openssh.comment="FreeBSD-20180909">OpenSSH_7.8 FreeBSD-20180909</example>
557
+ <param pos="1" name="service.version"/>
558
+ <param pos="2" name="openssh.comment"/>
559
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
560
+ <param pos="0" name="service.family" value="OpenSSH"/>
561
+ <param pos="0" name="service.product" value="OpenSSH"/>
562
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
563
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
564
+ <param pos="0" name="os.family" value="FreeBSD"/>
565
+ <param pos="0" name="os.product" value="FreeBSD"/>
566
+ <param pos="0" name="os.version" value="12.0"/>
567
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:12.0"/>
568
+ </fingerprint>
569
+
570
+ <fingerprint pattern="^OpenSSH_([^\s]+)\s+(FreeBSD[ -].*)$">
571
+ <description>OpenSSH running on FreeBSD</description>
572
+ <example service.version="7.2" openssh.comment="FreeBSD-20160311">OpenSSH_7.2 FreeBSD-20160311</example>
573
+ <param pos="1" name="service.version"/>
574
+ <param pos="2" name="openssh.comment"/>
575
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
576
+ <param pos="0" name="service.family" value="OpenSSH"/>
577
+ <param pos="0" name="service.product" value="OpenSSH"/>
578
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
579
+ <param pos="0" name="os.vendor" value="FreeBSD"/>
580
+ <param pos="0" name="os.family" value="FreeBSD"/>
581
+ <param pos="0" name="os.product" value="FreeBSD"/>
582
+ <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
583
+ </fingerprint>
584
+
585
+ <!-- NetBSD -->
586
+
77
587
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(NetBSD(?:_Secure_Shell)?[ -].*)$">
78
588
  <description>OpenSSH running on NetBSD</description>
79
589
  <example service.version="7.2" openssh.comment="NetBSD-20100308">OpenSSH_7.2 NetBSD-20100308</example>
@@ -84,14 +594,349 @@
84
594
  <param pos="0" name="service.family" value="OpenSSH"/>
85
595
  <param pos="0" name="service.product" value="OpenSSH"/>
86
596
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
87
- <param pos="0" name="os.vendor" value="NetBSD"/>
88
- <param pos="0" name="os.family" value="NetBSD"/>
89
- <param pos="0" name="os.product" value="NetBSD"/>
90
- <param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:-"/>
597
+ <param pos="0" name="os.vendor" value="NetBSD"/>
598
+ <param pos="0" name="os.family" value="NetBSD"/>
599
+ <param pos="0" name="os.product" value="NetBSD"/>
600
+ <param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:-"/>
601
+ </fingerprint>
602
+
603
+ <!-- Ubuntu -->
604
+
605
+ <fingerprint pattern="^OpenSSH_(3\.8\.1p1) (Debian-11ubuntu\d+(?:\.\d+)?)$">
606
+ <description>OpenSSH running on Ubuntu 4.10</description>
607
+ <example service.version="3.8.1p1" openssh.comment="Debian-11ubuntu3">OpenSSH_3.8.1p1 Debian-11ubuntu3</example>
608
+ <param pos="1" name="service.version"/>
609
+ <param pos="2" name="openssh.comment"/>
610
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
611
+ <param pos="0" name="service.family" value="OpenSSH"/>
612
+ <param pos="0" name="service.product" value="OpenSSH"/>
613
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
614
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
615
+ <param pos="0" name="os.family" value="Linux"/>
616
+ <param pos="0" name="os.product" value="Linux"/>
617
+ <param pos="0" name="os.version" value="4.10"/>
618
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:4.10"/>
619
+ </fingerprint>
620
+
621
+ <fingerprint pattern="^OpenSSH_(3\.9p1) (Debian-1ubuntu\d+(?:\.\d+)?)$">
622
+ <description>OpenSSH running on Ubuntu 5.04</description>
623
+ <example service.version="3.9p1" openssh.comment="Debian-1ubuntu2">OpenSSH_3.9p1 Debian-1ubuntu2</example>
624
+ <param pos="1" name="service.version"/>
625
+ <param pos="2" name="openssh.comment"/>
626
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
627
+ <param pos="0" name="service.family" value="OpenSSH"/>
628
+ <param pos="0" name="service.product" value="OpenSSH"/>
629
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
630
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
631
+ <param pos="0" name="os.family" value="Linux"/>
632
+ <param pos="0" name="os.product" value="Linux"/>
633
+ <param pos="0" name="os.version" value="5.04"/>
634
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:5.04"/>
635
+ </fingerprint>
636
+
637
+ <fingerprint pattern="^OpenSSH_(4\.1p1) (Debian-7ubuntu\d+(?:\.\d+)?)$">
638
+ <description>OpenSSH running on Ubuntu 5.10</description>
639
+ <example service.version="4.1p1" openssh.comment="Debian-7ubuntu4">OpenSSH_4.1p1 Debian-7ubuntu4</example>
640
+ <param pos="1" name="service.version"/>
641
+ <param pos="2" name="openssh.comment"/>
642
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
643
+ <param pos="0" name="service.family" value="OpenSSH"/>
644
+ <param pos="0" name="service.product" value="OpenSSH"/>
645
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
646
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
647
+ <param pos="0" name="os.family" value="Linux"/>
648
+ <param pos="0" name="os.product" value="Linux"/>
649
+ <param pos="0" name="os.version" value="5.10"/>
650
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:5.10"/>
651
+ </fingerprint>
652
+
653
+ <fingerprint pattern="^OpenSSH_(4\.2p1) (Debian-7ubuntu\d+(?:\.\d+)?)$">
654
+ <description>OpenSSH running on Ubuntu 6.04</description>
655
+ <example service.version="4.2p1" openssh.comment="Debian-7ubuntu3.1">OpenSSH_4.2p1 Debian-7ubuntu3.1</example>
656
+ <example>OpenSSH_4.2p1 Debian-7ubuntu3.2</example>
657
+ <param pos="1" name="service.version"/>
658
+ <param pos="2" name="openssh.comment"/>
659
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
660
+ <param pos="0" name="service.family" value="OpenSSH"/>
661
+ <param pos="0" name="service.product" value="OpenSSH"/>
662
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
663
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
664
+ <param pos="0" name="os.family" value="Linux"/>
665
+ <param pos="0" name="os.product" value="Linux"/>
666
+ <param pos="0" name="os.version" value="6.04"/>
667
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:6.04"/>
668
+ </fingerprint>
669
+
670
+ <fingerprint pattern="^OpenSSH_(4\.3p2) (Debian-8ubuntu\d+(?:\.\d+)?)$">
671
+ <description>OpenSSH running on Ubuntu 7.04</description>
672
+ <example service.version="4.3p2" openssh.comment="Debian-8ubuntu1.4">OpenSSH_4.3p2 Debian-8ubuntu1.4</example>
673
+ <param pos="1" name="service.version"/>
674
+ <param pos="2" name="openssh.comment"/>
675
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
676
+ <param pos="0" name="service.family" value="OpenSSH"/>
677
+ <param pos="0" name="service.product" value="OpenSSH"/>
678
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
679
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
680
+ <param pos="0" name="os.family" value="Linux"/>
681
+ <param pos="0" name="os.product" value="Linux"/>
682
+ <param pos="0" name="os.version" value="7.04"/>
683
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:7.04"/>
684
+ </fingerprint>
685
+
686
+ <fingerprint pattern="^OpenSSH_(4\.6p1) (Debian-5ubuntu\d+(?:\.\d+)?)$">
687
+ <description>OpenSSH running on Ubuntu 7.10</description>
688
+ <example service.version="4.6p1" openssh.comment="Debian-5ubuntu0.2">OpenSSH_4.6p1 Debian-5ubuntu0.2</example>
689
+ <example>OpenSSH_4.6p1 Debian-5ubuntu0.5</example>
690
+ <example>OpenSSH_4.6p1 Debian-5ubuntu0.6</example>
691
+ <example>OpenSSH_4.6p1 Debian-5ubuntu0</example>
692
+ <param pos="1" name="service.version"/>
693
+ <param pos="2" name="openssh.comment"/>
694
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
695
+ <param pos="0" name="service.family" value="OpenSSH"/>
696
+ <param pos="0" name="service.product" value="OpenSSH"/>
697
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
698
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
699
+ <param pos="0" name="os.family" value="Linux"/>
700
+ <param pos="0" name="os.product" value="Linux"/>
701
+ <param pos="0" name="os.version" value="7.10"/>
702
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:7.10"/>
703
+ </fingerprint>
704
+
705
+ <fingerprint pattern="^OpenSSH_(4\.7p1) (Debian-8ubuntu\d+(?:\.\d+)?)$">
706
+ <description>OpenSSH running on Ubuntu 8.04</description>
707
+ <example service.version="4.7p1" openssh.comment="Debian-8ubuntu1.2">OpenSSH_4.7p1 Debian-8ubuntu1.2</example>
708
+ <example service.version="4.7p1" openssh.comment="Debian-8ubuntu3">OpenSSH_4.7p1 Debian-8ubuntu3</example>
709
+ <param pos="1" name="service.version"/>
710
+ <param pos="2" name="openssh.comment"/>
711
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
712
+ <param pos="0" name="service.family" value="OpenSSH"/>
713
+ <param pos="0" name="service.product" value="OpenSSH"/>
714
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
715
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
716
+ <param pos="0" name="os.family" value="Linux"/>
717
+ <param pos="0" name="os.product" value="Linux"/>
718
+ <param pos="0" name="os.version" value="8.04"/>
719
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:8.04"/>
720
+ </fingerprint>
721
+
722
+ <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-3ubuntu\d+(?:\.\d+)?)$">
723
+ <description>OpenSSH running on Ubuntu 8.10</description>
724
+ <example service.version="5.1p1" openssh.comment="Debian-3ubuntu1">OpenSSH_5.1p1 Debian-3ubuntu1</example>
725
+ <param pos="1" name="service.version"/>
726
+ <param pos="2" name="openssh.comment"/>
727
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
728
+ <param pos="0" name="service.family" value="OpenSSH"/>
729
+ <param pos="0" name="service.product" value="OpenSSH"/>
730
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
731
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
732
+ <param pos="0" name="os.family" value="Linux"/>
733
+ <param pos="0" name="os.product" value="Linux"/>
734
+ <param pos="0" name="os.version" value="8.10"/>
735
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:8.10"/>
736
+ </fingerprint>
737
+
738
+ <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-5ubuntu\d+(?:\.\d+)?)$">
739
+ <description>OpenSSH running on Ubuntu 9.04</description>
740
+ <example service.version="5.1p1" openssh.comment="Debian-5ubuntu1">OpenSSH_5.1p1 Debian-5ubuntu1</example>
741
+ <param pos="1" name="service.version"/>
742
+ <param pos="2" name="openssh.comment"/>
743
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
744
+ <param pos="0" name="service.family" value="OpenSSH"/>
745
+ <param pos="0" name="service.product" value="OpenSSH"/>
746
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
747
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
748
+ <param pos="0" name="os.family" value="Linux"/>
749
+ <param pos="0" name="os.product" value="Linux"/>
750
+ <param pos="0" name="os.version" value="9.04"/>
751
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:9.04"/>
752
+ </fingerprint>
753
+
754
+ <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-6ubuntu\d+(?:\.\d+)?)$">
755
+ <description>OpenSSH running on Ubuntu 9.10</description>
756
+ <example service.version="5.1p1" openssh.comment="Debian-6ubuntu2">OpenSSH_5.1p1 Debian-6ubuntu2</example>
757
+ <param pos="1" name="service.version"/>
758
+ <param pos="2" name="openssh.comment"/>
759
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
760
+ <param pos="0" name="service.family" value="OpenSSH"/>
761
+ <param pos="0" name="service.product" value="OpenSSH"/>
762
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
763
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
764
+ <param pos="0" name="os.family" value="Linux"/>
765
+ <param pos="0" name="os.product" value="Linux"/>
766
+ <param pos="0" name="os.version" value="9.10"/>
767
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:9.10"/>
768
+ </fingerprint>
769
+
770
+ <fingerprint pattern="^OpenSSH_(5\.3p1) (Debian-3ubuntu\d+(?:\.\d+)?)$">
771
+ <description>OpenSSH running on Ubuntu 10.04 (lucid)</description>
772
+ <example service.version="5.3p1" openssh.comment="Debian-3ubuntu3">OpenSSH_5.3p1 Debian-3ubuntu3</example>
773
+ <example service.version="5.3p1" openssh.comment="Debian-3ubuntu4">OpenSSH_5.3p1 Debian-3ubuntu4</example>
774
+ <example service.version="5.3p1" openssh.comment="Debian-3ubuntu5">OpenSSH_5.3p1 Debian-3ubuntu5</example>
775
+ <example service.version="5.3p1" openssh.comment="Debian-3ubuntu6">OpenSSH_5.3p1 Debian-3ubuntu6</example>
776
+ <example service.version="5.3p1" openssh.comment="Debian-3ubuntu7">OpenSSH_5.3p1 Debian-3ubuntu7</example>
777
+ <example service.version="5.3p1" openssh.comment="Debian-3ubuntu7.1">OpenSSH_5.3p1 Debian-3ubuntu7.1</example>
778
+ <param pos="1" name="service.version"/>
779
+ <param pos="2" name="openssh.comment"/>
780
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
781
+ <param pos="0" name="service.family" value="OpenSSH"/>
782
+ <param pos="0" name="service.product" value="OpenSSH"/>
783
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
784
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
785
+ <param pos="0" name="os.family" value="Linux"/>
786
+ <param pos="0" name="os.product" value="Linux"/>
787
+ <param pos="0" name="os.version" value="10.04"/>
788
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.04"/>
789
+ </fingerprint>
790
+
791
+ <fingerprint pattern="^OpenSSH_(5\.5p1) (Debian-4ubuntu\d+(?:\.\d+)?)$">
792
+ <description>OpenSSH running on Ubuntu 10.10</description>
793
+ <example service.version="5.5p1" openssh.comment="Debian-4ubuntu4">OpenSSH_5.5p1 Debian-4ubuntu4</example>
794
+ <example service.version="5.5p1" openssh.comment="Debian-4ubuntu5">OpenSSH_5.5p1 Debian-4ubuntu5</example>
795
+ <example service.version="5.5p1" openssh.comment="Debian-4ubuntu6">OpenSSH_5.5p1 Debian-4ubuntu6</example>
796
+ <param pos="1" name="service.version"/>
797
+ <param pos="2" name="openssh.comment"/>
798
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
799
+ <param pos="0" name="service.family" value="OpenSSH"/>
800
+ <param pos="0" name="service.product" value="OpenSSH"/>
801
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
802
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
803
+ <param pos="0" name="os.family" value="Linux"/>
804
+ <param pos="0" name="os.product" value="Linux"/>
805
+ <param pos="0" name="os.version" value="10.10"/>
806
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.10"/>
807
+ </fingerprint>
808
+
809
+ <fingerprint pattern="^OpenSSH_(5\.8p1) (Debian-1ubuntu\d(?:\.\d)?)$">
810
+ <description>OpenSSH running on Ubuntu 11.04</description>
811
+ <example service.version="5.8p1" openssh.comment="Debian-1ubuntu3">OpenSSH_5.8p1 Debian-1ubuntu3</example>
812
+ <param pos="1" name="service.version"/>
813
+ <param pos="2" name="openssh.comment"/>
814
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
815
+ <param pos="0" name="service.family" value="OpenSSH"/>
816
+ <param pos="0" name="service.product" value="OpenSSH"/>
817
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
818
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
819
+ <param pos="0" name="os.family" value="Linux"/>
820
+ <param pos="0" name="os.product" value="Linux"/>
821
+ <param pos="0" name="os.version" value="11.04"/>
822
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:11.04"/>
823
+ </fingerprint>
824
+
825
+ <fingerprint pattern="^OpenSSH_(5\.8p1) (Debian-7ubuntu\d(?:\.\d)?)$">
826
+ <description>OpenSSH running on Ubuntu 11.10</description>
827
+ <example service.version="5.8p1" openssh.comment="Debian-7ubuntu1">OpenSSH_5.8p1 Debian-7ubuntu1</example>
828
+ <param pos="1" name="service.version"/>
829
+ <param pos="2" name="openssh.comment"/>
830
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
831
+ <param pos="0" name="service.family" value="OpenSSH"/>
832
+ <param pos="0" name="service.product" value="OpenSSH"/>
833
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
834
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
835
+ <param pos="0" name="os.family" value="Linux"/>
836
+ <param pos="0" name="os.product" value="Linux"/>
837
+ <param pos="0" name="os.version" value="11.10"/>
838
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:11.10"/>
839
+ </fingerprint>
840
+
841
+ <fingerprint pattern="^OpenSSH_(5\.9p1) (Debian-5ubuntu\d(?:\.\d)?)$">
842
+ <description>OpenSSH running on Ubuntu 12.04</description>
843
+ <example service.version="5.9p1" openssh.comment="Debian-5ubuntu1">OpenSSH_5.9p1 Debian-5ubuntu1</example>
844
+ <example service.version="5.9p1" openssh.comment="Debian-5ubuntu1.4">OpenSSH_5.9p1 Debian-5ubuntu1.4</example>
845
+ <param pos="1" name="service.version"/>
846
+ <param pos="2" name="openssh.comment"/>
847
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
848
+ <param pos="0" name="service.family" value="OpenSSH"/>
849
+ <param pos="0" name="service.product" value="OpenSSH"/>
850
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
851
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
852
+ <param pos="0" name="os.family" value="Linux"/>
853
+ <param pos="0" name="os.product" value="Linux"/>
854
+ <param pos="0" name="os.version" value="12.04"/>
855
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:12.04"/>
856
+ </fingerprint>
857
+
858
+ <fingerprint pattern="^OpenSSH_(6\.0p1) (Debian-3ubuntu\d(?:\.\d)?)$">
859
+ <description>OpenSSH running on Ubuntu 12.10</description>
860
+ <example service.version="6.0p1" openssh.comment="Debian-3ubuntu1">OpenSSH_6.0p1 Debian-3ubuntu1</example>
861
+ <example>OpenSSH_6.0p1 Debian-3ubuntu1.2</example>
862
+ <param pos="1" name="service.version"/>
863
+ <param pos="2" name="openssh.comment"/>
864
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
865
+ <param pos="0" name="service.family" value="OpenSSH"/>
866
+ <param pos="0" name="service.product" value="OpenSSH"/>
867
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
868
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
869
+ <param pos="0" name="os.family" value="Linux"/>
870
+ <param pos="0" name="os.product" value="Linux"/>
871
+ <param pos="0" name="os.version" value="12.10"/>
872
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:12.10"/>
873
+ </fingerprint>
874
+
875
+ <fingerprint pattern="^OpenSSH_(6\.1p1) (Debian-4)$">
876
+ <description>OpenSSH running on Ubuntu 13.04</description>
877
+ <example service.version="6.1p1" openssh.comment="Debian-4">OpenSSH_6.1p1 Debian-4</example>
878
+ <param pos="1" name="service.version"/>
879
+ <param pos="2" name="openssh.comment"/>
880
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
881
+ <param pos="0" name="service.family" value="OpenSSH"/>
882
+ <param pos="0" name="service.product" value="OpenSSH"/>
883
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
884
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
885
+ <param pos="0" name="os.family" value="Linux"/>
886
+ <param pos="0" name="os.product" value="Linux"/>
887
+ <param pos="0" name="os.version" value="13.04"/>
888
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:13.04"/>
889
+ </fingerprint>
890
+
891
+ <fingerprint pattern="^OpenSSH_(6\.2p2) (Ubuntu-6unbuntu\d(?:\.\d)?)$">
892
+ <description>OpenSSH running on Ubuntu 13.10</description>
893
+ <example service.version="6.2p2" openssh.comment="Ubuntu-6unbuntu0.4">OpenSSH_6.2p2 Ubuntu-6unbuntu0.4</example>
894
+ <param pos="1" name="service.version"/>
895
+ <param pos="2" name="openssh.comment"/>
896
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
897
+ <param pos="0" name="service.family" value="OpenSSH"/>
898
+ <param pos="0" name="service.product" value="OpenSSH"/>
899
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
900
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
901
+ <param pos="0" name="os.family" value="Linux"/>
902
+ <param pos="0" name="os.product" value="Linux"/>
903
+ <param pos="0" name="os.version" value="13.10"/>
904
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:13.10"/>
905
+ </fingerprint>
906
+
907
+ <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?)[_|-](hpn\d+v\d+)$">
908
+ <description>OpenSSH with HPN patches</description>
909
+ <example service.version="6.1" openssh.comment="hpn13v11">OpenSSH_6.1_hpn13v11</example>
910
+ <example service.version="5.8p1" openssh.comment="hpn13v11">OpenSSH_5.8p1-hpn13v11</example>
911
+ <example service.version="5.8p1" openssh.comment="hpn14v9">OpenSSH_5.8p1-hpn14v9</example>
912
+ <param pos="1" name="service.version"/>
913
+ <param pos="2" name="openssh.comment"/>
914
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
915
+ <param pos="0" name="service.family" value="OpenSSH"/>
916
+ <param pos="0" name="service.product" value="OpenSSH"/>
917
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
918
+ </fingerprint>
919
+
920
+ <fingerprint pattern="^OpenSSH_(6\.6(?:\.\d)?p1) (Ubuntu-2ubuntu\d+(?:\.\d+)?)$">
921
+ <description>OpenSSH running on Ubuntu 14.04</description>
922
+ <example service.version="6.6p1" openssh.comment="Ubuntu-2ubuntu1">OpenSSH_6.6p1 Ubuntu-2ubuntu1</example>
923
+ <example service.version="6.6.1p1" openssh.comment="Ubuntu-2ubuntu2">OpenSSH_6.6.1p1 Ubuntu-2ubuntu2</example>
924
+ <param pos="1" name="service.version"/>
925
+ <param pos="2" name="openssh.comment"/>
926
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
927
+ <param pos="0" name="service.family" value="OpenSSH"/>
928
+ <param pos="0" name="service.product" value="OpenSSH"/>
929
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
930
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
931
+ <param pos="0" name="os.family" value="Linux"/>
932
+ <param pos="0" name="os.product" value="Linux"/>
933
+ <param pos="0" name="os.version" value="14.04"/>
934
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:14.04"/>
91
935
  </fingerprint>
92
- <fingerprint pattern="^OpenSSH_(4\.1p1) (Debian-7ubuntu\d+(?:\.\d+)?)$">
93
- <description>OpenSSH running on Ubuntu 5.10</description>
94
- <example>OpenSSH_4.1p1 Debian-7ubuntu4</example>
936
+
937
+ <fingerprint pattern="^OpenSSH_(6\.6\.1p1) (Ubuntu-8)$">
938
+ <description>OpenSSH running on Ubuntu 14.10</description>
939
+ <example service.version="6.6.1p1" openssh.comment="Ubuntu-8">OpenSSH_6.6.1p1 Ubuntu-8</example>
95
940
  <param pos="1" name="service.version"/>
96
941
  <param pos="2" name="openssh.comment"/>
97
942
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -101,13 +946,13 @@
101
946
  <param pos="0" name="os.vendor" value="Ubuntu"/>
102
947
  <param pos="0" name="os.family" value="Linux"/>
103
948
  <param pos="0" name="os.product" value="Linux"/>
104
- <param pos="0" name="os.version" value="5.10"/>
105
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:5.10"/>
949
+ <param pos="0" name="os.version" value="14.10"/>
950
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:14.10"/>
106
951
  </fingerprint>
107
- <fingerprint pattern="^OpenSSH_(4\.2p1) (Debian-7ubuntu\d+(?:\.\d+)?)$">
108
- <description>OpenSSH running on Ubuntu 6.04</description>
109
- <example>OpenSSH_4.2p1 Debian-7ubuntu3.1</example>
110
- <example>OpenSSH_4.2p1 Debian-7ubuntu3.2</example>
952
+
953
+ <fingerprint pattern="^OpenSSH_(6\.7p1) (Ubuntu-5ubuntu\d(?:\.\d)?)$">
954
+ <description>OpenSSH running on Ubuntu 15.04 (vivid)</description>
955
+ <example service.version="6.7p1" openssh.comment="Ubuntu-5ubuntu1">OpenSSH_6.7p1 Ubuntu-5ubuntu1</example>
111
956
  <param pos="1" name="service.version"/>
112
957
  <param pos="2" name="openssh.comment"/>
113
958
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -117,12 +962,13 @@
117
962
  <param pos="0" name="os.vendor" value="Ubuntu"/>
118
963
  <param pos="0" name="os.family" value="Linux"/>
119
964
  <param pos="0" name="os.product" value="Linux"/>
120
- <param pos="0" name="os.version" value="6.04"/>
121
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:6.04"/>
965
+ <param pos="0" name="os.version" value="15.04"/>
966
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.04"/>
122
967
  </fingerprint>
123
- <fingerprint pattern="^OpenSSH_(4\.3p2) (Debian-8ubuntu\d+(?:\.\d+)?)$">
124
- <description>OpenSSH running on Ubuntu 7.04</description>
125
- <example>OpenSSH_4.3p2 Debian-8ubuntu1.4</example>
968
+
969
+ <fingerprint pattern="^OpenSSH_(6\.9p1) (Ubuntu-2)$">
970
+ <description>OpenSSH running on Ubuntu 15.10</description>
971
+ <example service.version="6.9p1" openssh.comment="Ubuntu-2">OpenSSH_6.9p1 Ubuntu-2</example>
126
972
  <param pos="1" name="service.version"/>
127
973
  <param pos="2" name="openssh.comment"/>
128
974
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -132,14 +978,13 @@
132
978
  <param pos="0" name="os.vendor" value="Ubuntu"/>
133
979
  <param pos="0" name="os.family" value="Linux"/>
134
980
  <param pos="0" name="os.product" value="Linux"/>
135
- <param pos="0" name="os.version" value="7.04"/>
136
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:7.04"/>
981
+ <param pos="0" name="os.version" value="15.10"/>
982
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.10"/>
137
983
  </fingerprint>
138
- <fingerprint pattern="^OpenSSH_(4\.6p1) (Debian-5ubuntu\d+(?:\.\d+)?)$">
139
- <description>OpenSSH running on Ubuntu 7.10</description>
140
- <example>OpenSSH_4.6p1 Debian-5ubuntu0.2</example>
141
- <example>OpenSSH_4.6p1 Debian-5ubuntu0.5</example>
142
- <example>OpenSSH_4.6p1 Debian-5ubuntu0.6</example>
984
+
985
+ <fingerprint pattern="^OpenSSH_(7\.2p2) (Ubuntu-4ubuntu\d(?:\.\d)?)$">
986
+ <description>OpenSSH running on Ubuntu 16.04 (vivid)</description>
987
+ <example service.version="7.2p2" openssh.comment="Ubuntu-4ubuntu2.7">OpenSSH_7.2p2 Ubuntu-4ubuntu2.7</example>
143
988
  <param pos="1" name="service.version"/>
144
989
  <param pos="2" name="openssh.comment"/>
145
990
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -149,12 +994,13 @@
149
994
  <param pos="0" name="os.vendor" value="Ubuntu"/>
150
995
  <param pos="0" name="os.family" value="Linux"/>
151
996
  <param pos="0" name="os.product" value="Linux"/>
152
- <param pos="0" name="os.version" value="7.10"/>
153
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:7.10"/>
997
+ <param pos="0" name="os.version" value="16.04"/>
998
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:16.04"/>
154
999
  </fingerprint>
155
- <fingerprint pattern="^OpenSSH_(4\.6p1) (Debian-5build1)$">
156
- <description>OpenSSH running on very early versions of Ubuntu 7.10</description>
157
- <example service.version="4.6p1" openssh.comment="Debian-5build1">OpenSSH_4.6p1 Debian-5build1</example>
1000
+
1001
+ <fingerprint pattern="^OpenSSH_(7\.3p1) (Ubuntu-1)$">
1002
+ <description>OpenSSH running on Ubuntu 16.10</description>
1003
+ <example service.version="7.3p1" openssh.comment="Ubuntu-1">OpenSSH_7.3p1 Ubuntu-1</example>
158
1004
  <param pos="1" name="service.version"/>
159
1005
  <param pos="2" name="openssh.comment"/>
160
1006
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -164,13 +1010,13 @@
164
1010
  <param pos="0" name="os.vendor" value="Ubuntu"/>
165
1011
  <param pos="0" name="os.family" value="Linux"/>
166
1012
  <param pos="0" name="os.product" value="Linux"/>
167
- <param pos="0" name="os.version" value="7.10"/>
168
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:7.10"/>
1013
+ <param pos="0" name="os.version" value="16.10"/>
1014
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:16.10"/>
169
1015
  </fingerprint>
170
- <fingerprint pattern="^OpenSSH_(4\.7p1) (Debian-8ubuntu\d+(?:\.\d+)?)$">
171
- <description>OpenSSH running on Ubuntu 8.04</description>
172
- <example service.version="4.7p1" openssh.comment="Debian-8ubuntu1.2">OpenSSH_4.7p1 Debian-8ubuntu1.2</example>
173
- <example service.version="4.7p1" openssh.comment="Debian-8ubuntu3">OpenSSH_4.7p1 Debian-8ubuntu3</example>
1016
+
1017
+ <fingerprint pattern="^OpenSSH_(7\.4p1) (Ubuntu-10)$">
1018
+ <description>OpenSSH running on Ubuntu 17.04</description>
1019
+ <example service.version="7.4p1" openssh.comment="Ubuntu-10">OpenSSH_7.4p1 Ubuntu-10</example>
174
1020
  <param pos="1" name="service.version"/>
175
1021
  <param pos="2" name="openssh.comment"/>
176
1022
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -180,12 +1026,13 @@
180
1026
  <param pos="0" name="os.vendor" value="Ubuntu"/>
181
1027
  <param pos="0" name="os.family" value="Linux"/>
182
1028
  <param pos="0" name="os.product" value="Linux"/>
183
- <param pos="0" name="os.version" value="8.04"/>
184
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:8.04"/>
1029
+ <param pos="0" name="os.version" value="17.04"/>
1030
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.04"/>
185
1031
  </fingerprint>
186
- <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-3ubuntu\d+(?:\.\d+)?)$">
187
- <description>OpenSSH running on Ubuntu 8.10</description>
188
- <example>OpenSSH_5.1p1 Debian-3ubuntu1</example>
1032
+
1033
+ <fingerprint pattern="^OpenSSH_(7\.5p1) (Ubuntu-10ubuntu\d(?:\.\d)?)$">
1034
+ <description>OpenSSH running on Ubuntu 17.10</description>
1035
+ <example service.version="7.5p1" openssh.comment="Ubuntu-10ubuntu0.1">OpenSSH_7.5p1 Ubuntu-10ubuntu0.1</example>
189
1036
  <param pos="1" name="service.version"/>
190
1037
  <param pos="2" name="openssh.comment"/>
191
1038
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -195,12 +1042,13 @@
195
1042
  <param pos="0" name="os.vendor" value="Ubuntu"/>
196
1043
  <param pos="0" name="os.family" value="Linux"/>
197
1044
  <param pos="0" name="os.product" value="Linux"/>
198
- <param pos="0" name="os.version" value="8.10"/>
199
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:8.10"/>
1045
+ <param pos="0" name="os.version" value="17.10"/>
1046
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.10"/>
200
1047
  </fingerprint>
201
- <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-5ubuntu\d+(?:\.\d+)?)$">
202
- <description>OpenSSH running on Ubuntu 9.04</description>
203
- <example>OpenSSH_5.1p1 Debian-5ubuntu1</example>
1048
+
1049
+ <fingerprint pattern="^OpenSSH_(7\.6p1) (Ubuntu-4ubuntu\d(?:\.\d)?)$">
1050
+ <description>OpenSSH running on Ubuntu 18.04</description>
1051
+ <example service.version="7.6p1" openssh.comment="Ubuntu-4ubuntu0.3">OpenSSH_7.6p1 Ubuntu-4ubuntu0.3</example>
204
1052
  <param pos="1" name="service.version"/>
205
1053
  <param pos="2" name="openssh.comment"/>
206
1054
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -210,12 +1058,13 @@
210
1058
  <param pos="0" name="os.vendor" value="Ubuntu"/>
211
1059
  <param pos="0" name="os.family" value="Linux"/>
212
1060
  <param pos="0" name="os.product" value="Linux"/>
213
- <param pos="0" name="os.version" value="9.04"/>
214
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:9.04"/>
1061
+ <param pos="0" name="os.version" value="18.04"/>
1062
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:18.04"/>
215
1063
  </fingerprint>
216
- <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-6ubuntu\d+(?:\.\d+)?)$">
217
- <description>OpenSSH running on Ubuntu 9.10</description>
218
- <example>OpenSSH_5.1p1 Debian-6ubuntu2</example>
1064
+
1065
+ <fingerprint pattern="^OpenSSH_(7\.7p1) (Ubuntu-4)$">
1066
+ <description>OpenSSH running on Ubuntu 18.10</description>
1067
+ <example service.version="7.7p1" openssh.comment="Ubuntu-4">OpenSSH_7.7p1 Ubuntu-4</example>
219
1068
  <param pos="1" name="service.version"/>
220
1069
  <param pos="2" name="openssh.comment"/>
221
1070
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -225,17 +1074,13 @@
225
1074
  <param pos="0" name="os.vendor" value="Ubuntu"/>
226
1075
  <param pos="0" name="os.family" value="Linux"/>
227
1076
  <param pos="0" name="os.product" value="Linux"/>
228
- <param pos="0" name="os.version" value="9.10"/>
229
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:9.10"/>
1077
+ <param pos="0" name="os.version" value="18.10"/>
1078
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:18.10"/>
230
1079
  </fingerprint>
231
- <fingerprint pattern="^OpenSSH_(5\.3p1) (Debian-3ubuntu\d+(?:\.\d+)?)$">
232
- <description>OpenSSH running on Ubuntu 10.04 (lucid)</description>
233
- <example service.version="5.3p1" openssh.comment="Debian-3ubuntu3">OpenSSH_5.3p1 Debian-3ubuntu3</example>
234
- <example service.version="5.3p1" openssh.comment="Debian-3ubuntu4">OpenSSH_5.3p1 Debian-3ubuntu4</example>
235
- <example service.version="5.3p1" openssh.comment="Debian-3ubuntu5">OpenSSH_5.3p1 Debian-3ubuntu5</example>
236
- <example service.version="5.3p1" openssh.comment="Debian-3ubuntu6">OpenSSH_5.3p1 Debian-3ubuntu6</example>
237
- <example service.version="5.3p1" openssh.comment="Debian-3ubuntu7">OpenSSH_5.3p1 Debian-3ubuntu7</example>
238
- <example service.version="5.3p1" openssh.comment="Debian-3ubuntu7.1">OpenSSH_5.3p1 Debian-3ubuntu7.1</example>
1080
+
1081
+ <fingerprint pattern="^OpenSSH_(7\.9p1) (Ubuntu-10)$">
1082
+ <description>OpenSSH running on Ubuntu 19.04</description>
1083
+ <example service.version="7.9p1" openssh.comment="Ubuntu-10">OpenSSH_7.9p1 Ubuntu-10</example>
239
1084
  <param pos="1" name="service.version"/>
240
1085
  <param pos="2" name="openssh.comment"/>
241
1086
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -245,14 +1090,13 @@
245
1090
  <param pos="0" name="os.vendor" value="Ubuntu"/>
246
1091
  <param pos="0" name="os.family" value="Linux"/>
247
1092
  <param pos="0" name="os.product" value="Linux"/>
248
- <param pos="0" name="os.version" value="10.04"/>
249
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.04"/>
1093
+ <param pos="0" name="os.version" value="19.04"/>
1094
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:19.04"/>
250
1095
  </fingerprint>
251
- <fingerprint pattern="^OpenSSH_(5\.5p1) (Debian-4ubuntu\d+(?:\.\d+)?)$">
252
- <description>OpenSSH running on Ubuntu 10.10</description>
253
- <example service.version="5.5p1" openssh.comment="Debian-4ubuntu4">OpenSSH_5.5p1 Debian-4ubuntu4</example>
254
- <example service.version="5.5p1" openssh.comment="Debian-4ubuntu5">OpenSSH_5.5p1 Debian-4ubuntu5</example>
255
- <example service.version="5.5p1" openssh.comment="Debian-4ubuntu6">OpenSSH_5.5p1 Debian-4ubuntu6</example>
1096
+
1097
+ <fingerprint pattern="^OpenSSH_(8\.0p1) (Ubuntu-6build1)$">
1098
+ <description>OpenSSH running on Ubuntu 19.10</description>
1099
+ <example service.version="8.0p1" openssh.comment="Ubuntu-6build1">OpenSSH_8.0p1 Ubuntu-6build1</example>
256
1100
  <param pos="1" name="service.version"/>
257
1101
  <param pos="2" name="openssh.comment"/>
258
1102
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -262,12 +1106,13 @@
262
1106
  <param pos="0" name="os.vendor" value="Ubuntu"/>
263
1107
  <param pos="0" name="os.family" value="Linux"/>
264
1108
  <param pos="0" name="os.product" value="Linux"/>
265
- <param pos="0" name="os.version" value="10.10"/>
266
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.10"/>
1109
+ <param pos="0" name="os.version" value="19.10"/>
1110
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:19.10"/>
267
1111
  </fingerprint>
268
- <fingerprint pattern="^OpenSSH_(5\.8p1) (Debian-1ubuntu\d(?:\.\d)?)$">
269
- <description>OpenSSH running on Ubuntu 11.04</description>
270
- <example>OpenSSH_5.8p1 Debian-1ubuntu3</example>
1112
+
1113
+ <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Ubuntu-\d\d?)$">
1114
+ <description>OpenSSH running on Ubuntu (unknown release)</description>
1115
+ <example service.version="7.6p1" openssh.comment="Ubuntu-2">OpenSSH_7.6p1 Ubuntu-2</example>
271
1116
  <param pos="1" name="service.version"/>
272
1117
  <param pos="2" name="openssh.comment"/>
273
1118
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -277,12 +1122,12 @@
277
1122
  <param pos="0" name="os.vendor" value="Ubuntu"/>
278
1123
  <param pos="0" name="os.family" value="Linux"/>
279
1124
  <param pos="0" name="os.product" value="Linux"/>
280
- <param pos="0" name="os.version" value="11.04"/>
281
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:11.04"/>
1125
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
282
1126
  </fingerprint>
283
- <fingerprint pattern="^OpenSSH_(5\.8p1) (Debian-7ubuntu\d(?:\.\d)?)$">
284
- <description>OpenSSH running on Ubuntu 11.10</description>
285
- <example>OpenSSH_5.8p1 Debian-7ubuntu1</example>
1127
+
1128
+ <fingerprint pattern="^OpenSSH_([^\s]+)\s+((?:Debian|Ubuntu).+ubuntu.*)$">
1129
+ <description>OpenSSH running on Ubuntu</description>
1130
+ <example service.version="7.2p3" openssh.comment="Ubuntu-4ubuntu2.2">OpenSSH_7.2p3 Ubuntu-4ubuntu2.2</example>
286
1131
  <param pos="1" name="service.version"/>
287
1132
  <param pos="2" name="openssh.comment"/>
288
1133
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -292,118 +1137,133 @@
292
1137
  <param pos="0" name="os.vendor" value="Ubuntu"/>
293
1138
  <param pos="0" name="os.family" value="Linux"/>
294
1139
  <param pos="0" name="os.product" value="Linux"/>
295
- <param pos="0" name="os.version" value="11.10"/>
296
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:11.10"/>
1140
+ <param pos="0" name="os.certainty" value="0.75"/>
1141
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
297
1142
  </fingerprint>
298
- <fingerprint pattern="^OpenSSH_(5\.9p1) (Debian-5ubuntu\d(?:\.\d)?)$">
299
- <description>OpenSSH running on Ubuntu 12.04</description>
300
- <example service.version="5.9p1" openssh.comment="Debian-5ubuntu1">OpenSSH_5.9p1 Debian-5ubuntu1</example>
301
- <example service.version="5.9p1" openssh.comment="Debian-5ubuntu1.4">OpenSSH_5.9p1 Debian-5ubuntu1.4</example>
1143
+
1144
+ <!-- Debian -->
1145
+
1146
+ <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+woody.*)$">
1147
+ <description>OpenSSH running on Debian 3.0 (woody)</description>
1148
+ <example service.version="3.4p1" openssh.comment="Debian 1:3.4p1-1.woody.3">OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3</example>
302
1149
  <param pos="1" name="service.version"/>
303
1150
  <param pos="2" name="openssh.comment"/>
304
1151
  <param pos="0" name="service.vendor" value="OpenBSD"/>
305
1152
  <param pos="0" name="service.family" value="OpenSSH"/>
306
1153
  <param pos="0" name="service.product" value="OpenSSH"/>
307
1154
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
308
- <param pos="0" name="os.vendor" value="Ubuntu"/>
1155
+ <param pos="0" name="os.vendor" value="Debian"/>
309
1156
  <param pos="0" name="os.family" value="Linux"/>
310
1157
  <param pos="0" name="os.product" value="Linux"/>
311
- <param pos="0" name="os.version" value="12.04"/>
312
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:12.04"/>
1158
+ <param pos="0" name="os.version" value="3.0"/>
1159
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:3.0"/>
313
1160
  </fingerprint>
314
- <fingerprint pattern="^OpenSSH_(6\.0p1) (Debian-3ubuntu\d(?:\.\d)?)$">
315
- <description>OpenSSH running on Ubuntu 12.10</description>
316
- <example>OpenSSH_6.0p1 Debian-3ubuntu1</example>
1161
+
1162
+ <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+sarge.*)$">
1163
+ <description>OpenSSH running on Debian 3.1 (sarge)</description>
1164
+ <example service.version="3.8.1p1" openssh.comment="Debian-8.sarge.4">OpenSSH_3.8.1p1 Debian-8.sarge.4</example>
317
1165
  <param pos="1" name="service.version"/>
318
1166
  <param pos="2" name="openssh.comment"/>
319
1167
  <param pos="0" name="service.vendor" value="OpenBSD"/>
320
1168
  <param pos="0" name="service.family" value="OpenSSH"/>
321
1169
  <param pos="0" name="service.product" value="OpenSSH"/>
322
1170
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
323
- <param pos="0" name="os.vendor" value="Ubuntu"/>
1171
+ <param pos="0" name="os.vendor" value="Debian"/>
324
1172
  <param pos="0" name="os.family" value="Linux"/>
325
1173
  <param pos="0" name="os.product" value="Linux"/>
326
- <param pos="0" name="os.version" value="12.10"/>
327
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:12.10"/>
1174
+ <param pos="0" name="os.version" value="3.1"/>
1175
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:3.1"/>
328
1176
  </fingerprint>
329
- <fingerprint pattern="^OpenSSH_(6\.1p1) (Debian-4)$">
330
- <description>OpenSSH running on Ubuntu 13.04</description>
331
- <example>OpenSSH_6.1p1 Debian-4</example>
1177
+
1178
+ <fingerprint pattern="^OpenSSH_(4\.3p2) (Debian-9.*)$">
1179
+ <description>OpenSSH running on Debian 4.0 (etch)</description>
1180
+ <example service.version="4.3p2" openssh.comment="Debian-9">OpenSSH_4.3p2 Debian-9</example>
1181
+ <example service.version="4.3p2" openssh.comment="Debian-9etch3">OpenSSH_4.3p2 Debian-9etch3</example>
332
1182
  <param pos="1" name="service.version"/>
333
1183
  <param pos="2" name="openssh.comment"/>
334
1184
  <param pos="0" name="service.vendor" value="OpenBSD"/>
335
1185
  <param pos="0" name="service.family" value="OpenSSH"/>
336
1186
  <param pos="0" name="service.product" value="OpenSSH"/>
337
1187
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
338
- <param pos="0" name="os.vendor" value="Ubuntu"/>
1188
+ <param pos="0" name="os.vendor" value="Debian"/>
339
1189
  <param pos="0" name="os.family" value="Linux"/>
340
1190
  <param pos="0" name="os.product" value="Linux"/>
341
- <param pos="0" name="os.version" value="13.04"/>
342
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:13.04"/>
1191
+ <param pos="0" name="os.version" value="4.0"/>
1192
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:4.0"/>
343
1193
  </fingerprint>
344
- <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?)[_|-](hpn\d+v\d+)$">
345
- <description>OpenSSH with HPN patches</description>
346
- <example service.version="6.1" openssh.comment="hpn13v11">OpenSSH_6.1_hpn13v11</example>
347
- <example service.version="5.8p1" openssh.comment="hpn13v11">OpenSSH_5.8p1-hpn13v11</example>
348
- <example service.version="5.8p1" openssh.comment="hpn14v9">OpenSSH_5.8p1-hpn14v9</example>
1194
+
1195
+ <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-5)$">
1196
+ <description>OpenSSH running on Debian 5.0 (also 5.10)</description>
1197
+ <example service.version="5.1p1" openssh.comment="Debian-5">OpenSSH_5.1p1 Debian-5</example>
349
1198
  <param pos="1" name="service.version"/>
350
1199
  <param pos="2" name="openssh.comment"/>
351
1200
  <param pos="0" name="service.vendor" value="OpenBSD"/>
352
1201
  <param pos="0" name="service.family" value="OpenSSH"/>
353
1202
  <param pos="0" name="service.product" value="OpenSSH"/>
354
1203
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1204
+ <param pos="0" name="os.vendor" value="Debian"/>
1205
+ <param pos="0" name="os.family" value="Linux"/>
1206
+ <param pos="0" name="os.product" value="Linux"/>
1207
+ <param pos="0" name="os.version" value="5.0"/>
1208
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:5.0"/>
355
1209
  </fingerprint>
356
- <fingerprint pattern="^OpenSSH_(6\.6(?:\.\d)?p1) (Ubuntu-2ubuntu\d+(?:\.\d+)?)$">
357
- <description>OpenSSH running on Ubuntu 14.04</description>
358
- <example service.version="6.6p1" openssh.comment="Ubuntu-2ubuntu1">OpenSSH_6.6p1 Ubuntu-2ubuntu1</example>
359
- <example service.version="6.6.1p1" openssh.comment="Ubuntu-2ubuntu2">OpenSSH_6.6.1p1 Ubuntu-2ubuntu2</example>
1210
+
1211
+ <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d+[+~]squeeze.*)$">
1212
+ <description>OpenSSH running on Debian 6.0 (squeeze)</description>
1213
+ <example service.version="5.5p1" openssh.comment="Debian-6+squeeze4">OpenSSH_5.5p1 Debian-6+squeeze4</example>
1214
+ <example service.version="5.5p1" openssh.comment="Debian-26+squeeze7">OpenSSH_5.5p1 Debian-26+squeeze7</example>
1215
+ <example service.version="5.8p1" openssh.comment="Debian-4~squeeze+1">OpenSSH_5.8p1 Debian-4~squeeze+1</example>
360
1216
  <param pos="1" name="service.version"/>
361
1217
  <param pos="2" name="openssh.comment"/>
362
1218
  <param pos="0" name="service.vendor" value="OpenBSD"/>
363
1219
  <param pos="0" name="service.family" value="OpenSSH"/>
364
1220
  <param pos="0" name="service.product" value="OpenSSH"/>
365
1221
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
366
- <param pos="0" name="os.vendor" value="Ubuntu"/>
1222
+ <param pos="0" name="os.vendor" value="Debian"/>
367
1223
  <param pos="0" name="os.family" value="Linux"/>
368
1224
  <param pos="0" name="os.product" value="Linux"/>
369
- <param pos="0" name="os.version" value="14.04"/>
370
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:14.04"/>
1225
+ <param pos="0" name="os.version" value="6.0"/>
1226
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:6.0"/>
371
1227
  </fingerprint>
372
- <fingerprint pattern="^OpenSSH_(6\.7p1) (Ubuntu-5ubuntu\d(?:\.\d)?)$">
373
- <description>OpenSSH running on Ubuntu 15.04 (vivid)</description>
374
- <example service.version="6.7p1" openssh.comment="Ubuntu-5ubuntu1">OpenSSH_6.7p1 Ubuntu-5ubuntu1</example>
1228
+
1229
+ <fingerprint pattern="^OpenSSH_(5\.5p1) (Debian-6)$">
1230
+ <description>OpenSSH running on Debian 6.0 (w/o squeeze in banner)</description>
1231
+ <example service.version="5.5p1" openssh.comment="Debian-6">OpenSSH_5.5p1 Debian-6</example>
375
1232
  <param pos="1" name="service.version"/>
376
1233
  <param pos="2" name="openssh.comment"/>
377
1234
  <param pos="0" name="service.vendor" value="OpenBSD"/>
378
1235
  <param pos="0" name="service.family" value="OpenSSH"/>
379
1236
  <param pos="0" name="service.product" value="OpenSSH"/>
380
1237
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
381
- <param pos="0" name="os.vendor" value="Ubuntu"/>
1238
+ <param pos="0" name="os.vendor" value="Debian"/>
382
1239
  <param pos="0" name="os.family" value="Linux"/>
383
1240
  <param pos="0" name="os.product" value="Linux"/>
384
- <param pos="0" name="os.version" value="15.04"/>
385
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.04"/>
1241
+ <param pos="0" name="os.version" value="6.0"/>
1242
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:6.0"/>
386
1243
  </fingerprint>
387
- <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Ubuntu-\d\d?)$">
388
- <description>OpenSSH running on Ubuntu (unknown release)</description>
389
- <example service.version="7.4p1" openssh.comment="Ubuntu-10">OpenSSH_7.4p1 Ubuntu-10</example>
390
- <example service.version="7.6p1" openssh.comment="Ubuntu-2">OpenSSH_7.6p1 Ubuntu-2</example>
1244
+
1245
+ <!-- More specific than and should preceed the 7.0 match -->
1246
+
1247
+ <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-4\+deb7u2)$">
1248
+ <description>OpenSSH running on Debian 7.8 (wheezy)</description>
1249
+ <example service.version="6.0p1" openssh.comment="Debian-4+deb7u2">OpenSSH_6.0p1 Debian-4+deb7u2</example>
391
1250
  <param pos="1" name="service.version"/>
392
1251
  <param pos="2" name="openssh.comment"/>
393
1252
  <param pos="0" name="service.vendor" value="OpenBSD"/>
394
1253
  <param pos="0" name="service.family" value="OpenSSH"/>
395
1254
  <param pos="0" name="service.product" value="OpenSSH"/>
396
1255
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
397
- <param pos="0" name="os.vendor" value="Ubuntu"/>
1256
+ <param pos="0" name="os.vendor" value="Debian"/>
398
1257
  <param pos="0" name="os.family" value="Linux"/>
399
1258
  <param pos="0" name="os.product" value="Linux"/>
400
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
1259
+ <param pos="0" name="os.version" value="7.8"/>
1260
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:7.8"/>
401
1261
  </fingerprint>
1262
+
402
1263
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-4(?:\+deb7u\d+)?)$">
403
1264
  <description>OpenSSH running on Debian 7.x (wheezy)</description>
404
1265
  <example service.version="6.0p1" openssh.comment="Debian-4">OpenSSH_6.0p1 Debian-4</example>
405
1266
  <example service.version="6.0p1" openssh.comment="Debian-4+deb7u1">OpenSSH_6.0p1 Debian-4+deb7u1</example>
406
- <example service.version="6.0p1" openssh.comment="Debian-4+deb7u2">OpenSSH_6.0p1 Debian-4+deb7u2</example>
407
1267
  <param pos="1" name="service.version"/>
408
1268
  <param pos="2" name="openssh.comment"/>
409
1269
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -416,6 +1276,7 @@
416
1276
  <param pos="0" name="os.version" value="7.0"/>
417
1277
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:7.0"/>
418
1278
  </fingerprint>
1279
+
419
1280
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d~bpo7\d?\+\d+)$">
420
1281
  <description>OpenSSH backport running on Debian 7.x (wheezy)</description>
421
1282
  <example service.version="6.6.1p1" openssh.comment="Debian-4~bpo70+1">OpenSSH_6.6.1p1 Debian-4~bpo70+1</example>
@@ -432,10 +1293,12 @@
432
1293
  <param pos="0" name="os.version" value="7.0"/>
433
1294
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:7.0"/>
434
1295
  </fingerprint>
1296
+
435
1297
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-5\+deb8u\d+.*)$">
436
1298
  <description>OpenSSH running on Debian 8.x (jessie)</description>
437
1299
  <example service.version="6.7p1" openssh.comment="Debian-5+deb8u2">OpenSSH_6.7p1 Debian-5+deb8u2</example>
438
1300
  <example service.version="6.7p1" openssh.comment="Debian-5+deb8u1~ui80+7">OpenSSH_6.7p1 Debian-5+deb8u1~ui80+7</example>
1301
+ <example service.version="6.7p1" openssh.comment="Debian-5+deb8u8">OpenSSH_6.7p1 Debian-5+deb8u8</example>
439
1302
  <param pos="1" name="service.version"/>
440
1303
  <param pos="2" name="openssh.comment"/>
441
1304
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -448,6 +1311,7 @@
448
1311
  <param pos="0" name="os.version" value="8.0"/>
449
1312
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:8.0"/>
450
1313
  </fingerprint>
1314
+
451
1315
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d\d?\+deb9u\d+)$">
452
1316
  <description>OpenSSH running on Debian 9.x (stretch)</description>
453
1317
  <example service.version="7.4p1" openssh.comment="Debian-10+deb9u1">OpenSSH_7.4p1 Debian-10+deb9u1</example>
@@ -464,11 +1328,11 @@
464
1328
  <param pos="0" name="os.version" value="9.0"/>
465
1329
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:9.0"/>
466
1330
  </fingerprint>
467
- <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d+[+~]squeeze.*)$">
468
- <description>OpenSSH running on Debian 6.0 (squeeze)</description>
469
- <example service.version="5.5p1" openssh.comment="Debian-6+squeeze4">OpenSSH_5.5p1 Debian-6+squeeze4</example>
470
- <example service.version="5.5p1" openssh.comment="Debian-26+squeeze7">OpenSSH_5.5p1 Debian-26+squeeze7</example>
471
- <example service.version="5.8p1" openssh.comment="Debian-4~squeeze+1">OpenSSH_5.8p1 Debian-4~squeeze+1</example>
1331
+
1332
+ <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10|Debian-\d\d?\+deb10u\d+)$">
1333
+ <description>OpenSSH running on Debian 10.x (buster)</description>
1334
+ <example service.version="7.9p1" openssh.comment="Debian-10">OpenSSH_7.9p1 Debian-10</example>
1335
+ <example service.version="7.9p1" openssh.comment="Debian-10+deb10u6">OpenSSH_7.9p1 Debian-10+deb10u6</example>
472
1336
  <param pos="1" name="service.version"/>
473
1337
  <param pos="2" name="openssh.comment"/>
474
1338
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -478,27 +1342,14 @@
478
1342
  <param pos="0" name="os.vendor" value="Debian"/>
479
1343
  <param pos="0" name="os.family" value="Linux"/>
480
1344
  <param pos="0" name="os.product" value="Linux"/>
481
- <param pos="0" name="os.version" value="6.0"/>
482
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:6.0"/>
483
- </fingerprint>
484
- <fingerprint pattern="^OpenSSH_([^\s]+)\s+((?:Debian|Ubuntu).+ubuntu.*)$">
485
- <description>OpenSSH running on Ubuntu</description>
486
- <example service.version="7.2p2" openssh.comment="Ubuntu-4ubuntu2.2">OpenSSH_7.2p2 Ubuntu-4ubuntu2.2</example>
487
- <param pos="1" name="service.version"/>
488
- <param pos="2" name="openssh.comment"/>
489
- <param pos="0" name="service.vendor" value="OpenBSD"/>
490
- <param pos="0" name="service.family" value="OpenSSH"/>
491
- <param pos="0" name="service.product" value="OpenSSH"/>
492
- <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
493
- <param pos="0" name="os.vendor" value="Ubuntu"/>
494
- <param pos="0" name="os.family" value="Linux"/>
495
- <param pos="0" name="os.product" value="Linux"/>
496
- <param pos="0" name="os.certainty" value="0.75"/>
497
- <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
1345
+ <param pos="0" name="os.version" value="10.0"/>
1346
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.0"/>
498
1347
  </fingerprint>
499
- <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+etch.*)$">
500
- <description>OpenSSH running on Debian 4.0 (etch)</description>
501
- <example service.version="4.3p2" openssh.comment="Debian-9etch3">OpenSSH_4.3p2 Debian-9etch3</example>
1348
+
1349
+ <fingerprint pattern="^OpenSSH_(8\.1p1) (Debian-1|Debian-\d\d?\+deb11u\d+)$">
1350
+ <description>OpenSSH running on Debian 11.x (bullseye)</description>
1351
+ <example service.version="8.1p1" openssh.comment="Debian-1">OpenSSH_8.1p1 Debian-1</example>
1352
+ <example service.version="8.1p1" openssh.comment="Debian-1+deb11u1">OpenSSH_8.1p1 Debian-1+deb11u1</example>
502
1353
  <param pos="1" name="service.version"/>
503
1354
  <param pos="2" name="openssh.comment"/>
504
1355
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -508,12 +1359,15 @@
508
1359
  <param pos="0" name="os.vendor" value="Debian"/>
509
1360
  <param pos="0" name="os.family" value="Linux"/>
510
1361
  <param pos="0" name="os.product" value="Linux"/>
511
- <param pos="0" name="os.version" value="4.0"/>
512
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:4.0"/>
1362
+ <param pos="0" name="os.version" value="11.0"/>
1363
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:11.0"/>
513
1364
  </fingerprint>
514
- <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+sarge.*)$">
515
- <description>OpenSSH running on Debian 3.1 (sarge)</description>
516
- <example service.version="3.8.1p1" openssh.comment="Debian-8.sarge.4">OpenSSH_3.8.1p1 Debian-8.sarge.4</example>
1365
+
1366
+ <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d+(?:[~]?bpo[.]?\d+)?)$">
1367
+ <description>OpenSSH running on Debian (unknown release)</description>
1368
+ <example service.version="4.3p2" openssh.comment="Debian-5~bpo.1">OpenSSH_4.3p2 Debian-5~bpo.1</example>
1369
+ <example service.version="4.2p1" openssh.comment="Debian-4bpo1">OpenSSH_4.2p1 Debian-4bpo1</example>
1370
+ <example service.version="7.4p1" openssh.comment="Debian-10">OpenSSH_7.4p1 Debian-10</example>
517
1371
  <param pos="1" name="service.version"/>
518
1372
  <param pos="2" name="openssh.comment"/>
519
1373
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -523,45 +1377,49 @@
523
1377
  <param pos="0" name="os.vendor" value="Debian"/>
524
1378
  <param pos="0" name="os.family" value="Linux"/>
525
1379
  <param pos="0" name="os.product" value="Linux"/>
526
- <param pos="0" name="os.version" value="3.1"/>
527
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:3.1"/>
1380
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:-"/>
528
1381
  </fingerprint>
529
- <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+woody.*)$">
530
- <description>OpenSSH running on Debian 3.0 (woody)</description>
531
- <example service.version="3.4p1" openssh.comment="Debian 1:3.4p1-1.woody.3">OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3</example>
1382
+
1383
+ <!-- Raspbian -->
1384
+
1385
+ <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-5\+deb8u\d+)$">
1386
+ <description>OpenSSH running on Raspbian (Debian 8 "Jessie" based)</description>
1387
+ <example service.version="6.7p1" openssh.comment="Raspbian-5+deb8u1">OpenSSH_6.7p1 Raspbian-5+deb8u1</example>
1388
+ <example service.version="6.7p1" openssh.comment="Raspbian-5+deb8u2">OpenSSH_6.7p1 Raspbian-5+deb8u2</example>
532
1389
  <param pos="1" name="service.version"/>
533
1390
  <param pos="2" name="openssh.comment"/>
534
1391
  <param pos="0" name="service.vendor" value="OpenBSD"/>
535
1392
  <param pos="0" name="service.family" value="OpenSSH"/>
536
1393
  <param pos="0" name="service.product" value="OpenSSH"/>
537
1394
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
538
- <param pos="0" name="os.vendor" value="Debian"/>
1395
+ <param pos="0" name="os.vendor" value="Raspbian"/>
539
1396
  <param pos="0" name="os.family" value="Linux"/>
540
1397
  <param pos="0" name="os.product" value="Linux"/>
541
- <param pos="0" name="os.version" value="3.0"/>
542
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:3.0"/>
1398
+ <param pos="0" name="os.version" value="8.0"/>
1399
+ <param pos="0" name="hw.product" value="Raspberry Pi"/>
543
1400
  </fingerprint>
544
- <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d+(?:[~]?bpo[.]?\d+)?)$">
545
- <description>OpenSSH running on Debian (unknown release)</description>
546
- <example service.version="5.5p1" openssh.comment="Debian-6">OpenSSH_5.5p1 Debian-6</example>
547
- <example service.version="4.3p2" openssh.comment="Debian-5~bpo.1">OpenSSH_4.3p2 Debian-5~bpo.1</example>
548
- <example service.version="4.2p1" openssh.comment="Debian-4bpo1">OpenSSH_4.2p1 Debian-4bpo1</example>
549
- <example service.version="7.4p1" openssh.comment="Debian-10">OpenSSH_7.4p1 Debian-10</example>
1401
+
1402
+ <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-\d\d?\+deb9u\d+)$">
1403
+ <description>OpenSSH running on Raspbian (Debian 9 "Stretch" based)</description>
1404
+ <example service.version="7.4p1" openssh.comment="Raspbian-10+deb9u1">OpenSSH_7.4p1 Raspbian-10+deb9u1</example>
1405
+ <example service.version="7.4p1" openssh.comment="Raspbian-9+deb9u1">OpenSSH_7.4p1 Raspbian-9+deb9u1</example>
550
1406
  <param pos="1" name="service.version"/>
551
1407
  <param pos="2" name="openssh.comment"/>
552
1408
  <param pos="0" name="service.vendor" value="OpenBSD"/>
553
1409
  <param pos="0" name="service.family" value="OpenSSH"/>
554
1410
  <param pos="0" name="service.product" value="OpenSSH"/>
555
1411
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
556
- <param pos="0" name="os.vendor" value="Debian"/>
1412
+ <param pos="0" name="os.vendor" value="Raspbian"/>
557
1413
  <param pos="0" name="os.family" value="Linux"/>
558
1414
  <param pos="0" name="os.product" value="Linux"/>
559
- <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:-"/>
1415
+ <param pos="0" name="os.version" value="9.0"/>
1416
+ <param pos="0" name="hw.product" value="Raspberry Pi"/>
560
1417
  </fingerprint>
561
- <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-\d\d?\+deb9u\d+)$">
562
- <description>OpenSSH running on Raspbian (Debian 9 "Stretch" based)</description>
563
- <example service.version="7.4p1" openssh.comment="Raspbian-10+deb9u1">OpenSSH_7.4p1 Raspbian-10+deb9u1</example>
564
- <example service.version="7.4p1" openssh.comment="Raspbian-9+deb9u1">OpenSSH_7.4p1 Raspbian-9+deb9u1</example>
1418
+
1419
+ <fingerprint pattern="^OpenSSH_(7\.9p1)\s+(Raspbian-(?:10|\d\d?\+deb10u\d+))$">
1420
+ <description>OpenSSH running on Raspbian (Debian 10 "Buster" based)</description>
1421
+ <example service.version="7.9p1" openssh.comment="Raspbian-10">OpenSSH_7.9p1 Raspbian-10</example>
1422
+ <example service.version="7.9p1" openssh.comment="Raspbian-10+deb10u1">OpenSSH_7.9p1 Raspbian-10+deb10u1</example>
565
1423
  <param pos="1" name="service.version"/>
566
1424
  <param pos="2" name="openssh.comment"/>
567
1425
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -571,12 +1429,14 @@
571
1429
  <param pos="0" name="os.vendor" value="Raspbian"/>
572
1430
  <param pos="0" name="os.family" value="Linux"/>
573
1431
  <param pos="0" name="os.product" value="Linux"/>
574
- <param pos="0" name="os.version" value="9.0"/>
1432
+ <param pos="0" name="os.version" value="10.0"/>
1433
+ <param pos="0" name="hw.product" value="Raspberry Pi"/>
575
1434
  </fingerprint>
576
- <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-5\+deb8u\d+)$">
577
- <description>OpenSSH running on Raspbian (Debian 8 "Jessie" based)</description>
578
- <example service.version="6.7p1" openssh.comment="Raspbian-5+deb8u1">OpenSSH_6.7p1 Raspbian-5+deb8u1</example>
579
- <example service.version="6.7p1" openssh.comment="Raspbian-5+deb8u2">OpenSSH_6.7p1 Raspbian-5+deb8u2</example>
1435
+
1436
+ <fingerprint pattern="^OpenSSH_(8\.1p1)\s+(Raspbian-(?:1|\d\d?\+deb11u\d+))$">
1437
+ <description>OpenSSH running on Raspbian (Debian 11 "Bullseye" based)</description>
1438
+ <example service.version="8.1p1" openssh.comment="Raspbian-1">OpenSSH_8.1p1 Raspbian-1</example>
1439
+ <example service.version="8.1p1" openssh.comment="Raspbian-1+deb11u1">OpenSSH_8.1p1 Raspbian-1+deb11u1</example>
580
1440
  <param pos="1" name="service.version"/>
581
1441
  <param pos="2" name="openssh.comment"/>
582
1442
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -586,8 +1446,10 @@
586
1446
  <param pos="0" name="os.vendor" value="Raspbian"/>
587
1447
  <param pos="0" name="os.family" value="Linux"/>
588
1448
  <param pos="0" name="os.product" value="Linux"/>
589
- <param pos="0" name="os.version" value="8.0"/>
1449
+ <param pos="0" name="os.version" value="11.0"/>
1450
+ <param pos="0" name="hw.product" value="Raspberry Pi"/>
590
1451
  </fingerprint>
1452
+
591
1453
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-\d\d?)$">
592
1454
  <description>OpenSSH running on Raspbian (Debian, unknown release)</description>
593
1455
  <example service.version="7.5p1" openssh.comment="Raspbian-10">OpenSSH_7.5p1 Raspbian-10</example>
@@ -601,7 +1463,11 @@
601
1463
  <param pos="0" name="os.vendor" value="Raspbian"/>
602
1464
  <param pos="0" name="os.family" value="Linux"/>
603
1465
  <param pos="0" name="os.product" value="Linux"/>
1466
+ <param pos="0" name="hw.product" value="Raspberry Pi"/>
604
1467
  </fingerprint>
1468
+
1469
+ <!-- Miscellaneous -->
1470
+
605
1471
  <fingerprint pattern="^OpenSSH_(.*)\+(CAN-[0-9]{4}-[0-9]{4})$">
606
1472
  <description>OpenSSH with CVE patch, as seen in Mac OS X</description>
607
1473
  <example service.version="3.4p1" openssh.cvepatch="CAN-2004-0175">OpenSSH_3.4p1+CAN-2004-0175</example>
@@ -616,6 +1482,7 @@
616
1482
  <param pos="0" name="os.product" value="Mac OS X"/>
617
1483
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:-"/>
618
1484
  </fingerprint>
1485
+
619
1486
  <fingerprint pattern="^OpenSSH_(.*)_Mikrotik_v(.*)$">
620
1487
  <description>OpenSSH on MikroTik</description>
621
1488
  <example service.version="2.3.0" os.version="2.9">OpenSSH_2.3.0_Mikrotik_v2.9</example>
@@ -631,6 +1498,7 @@
631
1498
  <param pos="0" name="os.product" value="RouterOS"/>
632
1499
  <param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:{os.version}"/>
633
1500
  </fingerprint>
1501
+
634
1502
  <fingerprint pattern="^OpenSSH_(.*)-HipServ$">
635
1503
  <description>OpenSSH on HipServ</description>
636
1504
  <example service.version="4.3">OpenSSH_4.3-HipServ</example>
@@ -644,6 +1512,21 @@
644
1512
  <param pos="0" name="os.family" value="Linux"/>
645
1513
  <param pos="0" name="os.product" value="HipServ"/>
646
1514
  </fingerprint>
1515
+
1516
+ <fingerprint pattern="^OpenSSH_for_Windows_([\d.]+)$">
1517
+ <description>OpenSSH running on Windows</description>
1518
+ <example service.version="7.7">OpenSSH_for_Windows_7.7</example>
1519
+ <param pos="1" name="service.version"/>
1520
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
1521
+ <param pos="0" name="service.family" value="OpenSSH"/>
1522
+ <param pos="0" name="service.product" value="OpenSSH"/>
1523
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1524
+ <param pos="0" name="os.vendor" value="Microsoft"/>
1525
+ <param pos="0" name="os.family" value="Windows"/>
1526
+ <param pos="0" name="os.product" value="Windows"/>
1527
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1528
+ </fingerprint>
1529
+
647
1530
  <fingerprint pattern="^OpenSSH_(.*) in DesktopAuthority (?:.*)$">
648
1531
  <description>DesktopAuthority SSH</description>
649
1532
  <example service.version="3.8">OpenSSH_3.8 in DesktopAuthority 7.1.091</example>
@@ -657,6 +1540,7 @@
657
1540
  <param pos="0" name="os.product" value="Windows"/>
658
1541
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
659
1542
  </fingerprint>
1543
+
660
1544
  <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?) ((?:PKIX\s+)?FIPS)$">
661
1545
  <description>OpenSSH with a version and FIPS mode enabled</description>
662
1546
  <example service.version="5.9" openssh.comment="FIPS">OpenSSH_5.9 FIPS</example>
@@ -669,6 +1553,7 @@
669
1553
  <param pos="0" name="service.product" value="OpenSSH"/>
670
1554
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
671
1555
  </fingerprint>
1556
+
672
1557
  <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?) *$">
673
1558
  <description>OpenSSH with just a version, no comment by vendor</description>
674
1559
  <example service.version="5.9p1">OpenSSH_5.9p1</example>
@@ -681,6 +1566,7 @@
681
1566
  <param pos="0" name="service.product" value="OpenSSH"/>
682
1567
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
683
1568
  </fingerprint>
1569
+
684
1570
  <fingerprint pattern="^OpenSSH$">
685
1571
  <description>OpenSSH w/o version or comment</description>
686
1572
  <example>OpenSSH</example>
@@ -689,7 +1575,9 @@
689
1575
  <param pos="0" name="service.product" value="OpenSSH"/>
690
1576
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:-"/>
691
1577
  </fingerprint>
1578
+
692
1579
  <!-- SSH-1.99-OpenSSH_4.3p2-4.cern-hpn-CERN-4.3p2-4.cern -->
1580
+
693
1581
  <!--<fingerprint pattern="^OpenSSH_?([^\s]*)\s*(.*)$">
694
1582
  <description>Catch all for OpenSSH based SSH servers
695
1583
  ******************** NOTE ********************
@@ -702,8 +1590,12 @@
702
1590
  <param pos="0" name="service.vendor" value="OpenBSD"/>
703
1591
  <param pos="0" name="service.family" value="OpenSSH"/>
704
1592
  <param pos="0" name="service.product" value="OpenSSH"/>
705
- </fingerprint>-->
1593
+ </fingerprint>
1594
+
1595
+ -->
1596
+
706
1597
  <!-- TODO: Handle "vpn3" banners for Cisco 3000 VPN Concentrators (need example banners first) -->
1598
+
707
1599
  <fingerprint pattern="^Cisco-(.*)$">
708
1600
  <description>Cisco SSH banner (could be IOS or PIX), The version always seems to be 1.25</description>
709
1601
  <example service.version="1.25">Cisco-1.25</example>
@@ -715,8 +1607,9 @@
715
1607
  <param pos="0" name="os.certainty" value="0.8"/>
716
1608
  <param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:-"/>
717
1609
  </fingerprint>
1610
+
718
1611
  <fingerprint pattern="^CISCO_WLC$">
719
- <description>SSH banner from a Cisco Wireless LAN Controller (WLC)</description>
1612
+ <description>SSH banner from a Cisco WLC (WLC)</description>
720
1613
  <example>CISCO_WLC</example>
721
1614
  <param pos="0" name="service.vendor" value="Cisco"/>
722
1615
  <param pos="0" name="service.product" value="SSH"/>
@@ -724,6 +1617,7 @@
724
1617
  <param pos="0" name="os.product" value="Wireless LAN Controller"/>
725
1618
  <param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller:-"/>
726
1619
  </fingerprint>
1620
+
727
1621
  <fingerprint pattern="(?i)^Cleo (\S+)/(\S+) SSH FTP server$">
728
1622
  <description>Cleo networks Harmony, VLProxy, VLTrader, others</description>
729
1623
  <example service.product="Harmony" service.version="5.5.0.3">Cleo Harmony/5.5.0.3 SSH FTP server</example>
@@ -732,6 +1626,7 @@
732
1626
  <param pos="1" name="service.product"/>
733
1627
  <param pos="2" name="service.version"/>
734
1628
  </fingerprint>
1629
+
735
1630
  <fingerprint pattern="^Sun_SSH_(.*)$">
736
1631
  <description>Sun SSH banner</description>
737
1632
  <example service.version="1.1">Sun_SSH_1.1</example>
@@ -743,6 +1638,7 @@
743
1638
  <param pos="0" name="os.product" value="Solaris"/>
744
1639
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:-"/>
745
1640
  </fingerprint>
1641
+
746
1642
  <fingerprint pattern="^SSH Protocol Compatible Server SCS (.*)$">
747
1643
  <description>Netscreen with version</description>
748
1644
  <param pos="1" name="service.version"/>
@@ -755,6 +1651,7 @@
755
1651
  <param pos="0" name="os.product" value="ScreenOS"/>
756
1652
  <param pos="0" name="os.cpe23" value="cpe:/o:juniper:screenos:-"/>
757
1653
  </fingerprint>
1654
+
758
1655
  <fingerprint pattern="^NetScreen$">
759
1656
  <description>Netscreen generic</description>
760
1657
  <example>NetScreen</example>
@@ -767,11 +1664,13 @@
767
1664
  <param pos="0" name="os.product" value="ScreenOS"/>
768
1665
  <param pos="0" name="os.cpe23" value="cpe:/o:juniper:screenos:-"/>
769
1666
  </fingerprint>
1667
+
770
1668
  <fingerprint pattern="^HUAWEI-(?:[\d\.]+)$">
771
1669
  <description>Huawei generic</description>
772
1670
  <example>HUAWEI-1.5</example>
773
1671
  <param pos="0" name="hw.vendor" value="Huawei"/>
774
1672
  </fingerprint>
1673
+
775
1674
  <fingerprint pattern="^HUAWEI-UMG(\d+)">
776
1675
  <description>Huawei Universal Media Gateway</description>
777
1676
  <example hw.model="8900">HUAWEI-UMG8900</example>
@@ -780,6 +1679,7 @@
780
1679
  <param pos="0" name="hw.device" value="Telecom"/>
781
1680
  <param pos="1" name="hw.model"/>
782
1681
  </fingerprint>
1682
+
783
1683
  <fingerprint pattern="^HUAWEI.VRP.([\d\.]+)$">
784
1684
  <description>Huawei Versatile Routing Platform (VRP)</description>
785
1685
  <example os.version="3.10" service.version="3.10">HUAWEI-VRP-3.10</example>
@@ -794,6 +1694,7 @@
794
1694
  <param pos="0" name="os.product" value="VRP"/>
795
1695
  <param pos="1" name="os.version"/>
796
1696
  </fingerprint>
1697
+
797
1698
  <fingerprint pattern="^([\d.]+)[ _]sshlib:? (?i:GlobalScape)$">
798
1699
  <description>GlobalScape SSH (which uses Bitvise sshlib)</description>
799
1700
  <example service.component.version="1.36">1.36_sshlib GlobalSCAPE</example>
@@ -811,6 +1712,7 @@
811
1712
  <param pos="0" name="os.product" value="Windows"/>
812
1713
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
813
1714
  </fingerprint>
1715
+
814
1716
  <fingerprint pattern="^([^\s]+) sshlib: WinSSHD (.*)$">
815
1717
  <description>Bitvise WinSSHD (which uses Bitvise sshlib)</description>
816
1718
  <example service.component.version="1.78" service.version="4.15a">1.78 sshlib: WinSSHD 4.15a</example>
@@ -827,6 +1729,7 @@
827
1729
  <param pos="0" name="os.product" value="Windows"/>
828
1730
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
829
1731
  </fingerprint>
1732
+
830
1733
  <fingerprint pattern="^([^\s]+) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD) ([\d\.]+):?.*$">
831
1734
  <description>Bitvise WinSSHD (which uses Bitvise flowssh) with version</description>
832
1735
  <example service.version="5.09" service.component.version="1.03">1.03 FlowSsh: WinSSHD 5.09</example>
@@ -845,6 +1748,7 @@
845
1748
  <param pos="0" name="os.product" value="Windows"/>
846
1749
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
847
1750
  </fingerprint>
1751
+
848
1752
  <fingerprint pattern="^([^\s]+) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD)(?: :.*)?$">
849
1753
  <description>Bitvise WinSSHD (which uses Bitvise flowssh) without version</description>
850
1754
  <example service.component.version="9.99">9.99 FlowSsh: Bitvise SSH Server (WinSSHD)</example>
@@ -861,6 +1765,7 @@
861
1765
  <param pos="0" name="os.product" value="Windows"/>
862
1766
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
863
1767
  </fingerprint>
1768
+
864
1769
  <fingerprint pattern="^([^\s]+) sshlib: MOVEit DMZ SSH (.*)$">
865
1770
  <description>MOVEit DMZ (which uses Bitvise sshlib)</description>
866
1771
  <param pos="1" name="service.component.version"/>
@@ -876,6 +1781,7 @@
876
1781
  <param pos="0" name="os.product" value="Windows"/>
877
1782
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
878
1783
  </fingerprint>
1784
+
879
1785
  <fingerprint pattern="^paramiko_([\d\.]+).*$">
880
1786
  <description>Paramiko</description>
881
1787
  <example service.version="2.1.3">paramiko_2.1.3 501 command not implemented ERROR</example>
@@ -883,7 +1789,9 @@
883
1789
  <param pos="0" name="service.vendor" value="Paramiko"/>
884
1790
  <param pos="0" name="service.product" value="Paramiko"/>
885
1791
  <param pos="1" name="service.version"/>
1792
+ <param pos="0" name="service.cpe23" value="cpe:/a:paramiko:paramiko:{service.version}"/>
886
1793
  </fingerprint>
1794
+
887
1795
  <fingerprint pattern="^Pragma SecureShell\s*(.*)$">
888
1796
  <description>Pragma SecureShell</description>
889
1797
  <param pos="1" name="service.version"/>
@@ -895,6 +1803,7 @@
895
1803
  <param pos="0" name="os.product" value="Windows"/>
896
1804
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
897
1805
  </fingerprint>
1806
+
898
1807
  <fingerprint pattern="^Pragma FortressSSH\s+([\d.]+)(?:\s+\[([\d.:]+)\])?$">
899
1808
  <description>Pragma FortressSSH</description>
900
1809
  <example service.version="5.0.9.2031">Pragma FortressSSH 5.0.9.2031</example>
@@ -909,6 +1818,7 @@
909
1818
  <param pos="0" name="os.product" value="Windows"/>
910
1819
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
911
1820
  </fingerprint>
1821
+
912
1822
  <fingerprint pattern="^RebexSSH_([\d\.]+)$">
913
1823
  <description>Rbex SSH</description>
914
1824
  <example service.version="1.0.5.25508">RebexSSH_1.0.5.25508</example>
@@ -916,12 +1826,14 @@
916
1826
  <param pos="0" name="service.product" value="SSH"/>
917
1827
  <param pos="1" name="service.version"/>
918
1828
  </fingerprint>
1829
+
919
1830
  <fingerprint pattern="^RGOS_\S+$">
920
1831
  <description>Ruijie Networks SSH</description>
921
1832
  <example>RGOS_SSH_1.0</example>
922
1833
  <example>RGOS_PK3223</example>
923
1834
  <param pos="0" name="hw.vendor" value="Ruijie"/>
924
1835
  </fingerprint>
1836
+
925
1837
  <fingerprint pattern="^VShell_(?:Special_Edition_)?(\d+)_(\d+)_(\d+)_(\d+) VShell$">
926
1838
  <description>VanDyke VShell - detailed variant</description>
927
1839
  <example service.version="3" service.version.version="6" service.version.version.version="2" service.version.version.version.version="446">VShell_3_6_2_446 VShell</example>
@@ -935,6 +1847,7 @@
935
1847
  <param pos="0" name="service.product" value="VShell"/>
936
1848
  <param pos="0" name="service.cpe23" value="cpe:/a:vandyke:vshell:{service.version}"/>
937
1849
  </fingerprint>
1850
+
938
1851
  <fingerprint pattern="^([\s]*)\s*VShell$">
939
1852
  <description>VanDyke VShell</description>
940
1853
  <param pos="1" name="service.version"/>
@@ -943,6 +1856,7 @@
943
1856
  <param pos="0" name="service.product" value="VShell"/>
944
1857
  <param pos="0" name="service.cpe23" value="cpe:/a:vandyke:vshell:{service.version}"/>
945
1858
  </fingerprint>
1859
+
946
1860
  <fingerprint pattern="^WRQReflection(?i:F)orSecureIT_(.*)$">
947
1861
  <description>Attachmate Reflection (formerly WRQ Reflection for Secure IT)</description>
948
1862
  <example service.version="6.1 Build 21">WRQReflectionForSecureIT_6.1 Build 21</example>
@@ -952,6 +1866,7 @@
952
1866
  <param pos="0" name="service.family" value="Reflection"/>
953
1867
  <param pos="0" name="service.product" value="Reflection"/>
954
1868
  </fingerprint>
1869
+
955
1870
  <fingerprint pattern="^([^\s]*)\s*F-Secure SSH\s*(?:.*)$">
956
1871
  <description>Attachmate Reflection (formerly F-Secure SSH)</description>
957
1872
  <example service.version="3.2.3">3.2.3 F-Secure SSH Windows NT Server</example>
@@ -960,6 +1875,7 @@
960
1875
  <param pos="0" name="service.family" value="Reflection"/>
961
1876
  <param pos="0" name="service.product" value="Reflection"/>
962
1877
  </fingerprint>
1878
+
963
1879
  <fingerprint pattern="^([^\s]*)\s*SSH Tectia Server$">
964
1880
  <description>SSH Communications Security Tectia Server - branded</description>
965
1881
  <example service.version="6.4.12.353">6.4.12.353 SSH Tectia Server</example>
@@ -968,6 +1884,7 @@
968
1884
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
969
1885
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
970
1886
  </fingerprint>
1887
+
971
1888
  <fingerprint pattern="^([0-9\.]+) SSH Secure Shell(?: \(non-commercial\))?$">
972
1889
  <description>SSH Communications Security Tectia Server</description>
973
1890
  <example service.version="3.2.9.1">3.2.9.1 SSH Secure Shell (non-commercial)</example>
@@ -978,6 +1895,7 @@
978
1895
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
979
1896
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
980
1897
  </fingerprint>
1898
+
981
1899
  <fingerprint pattern="^([0-9\.]+) SSH Secure Shell Windows NT Server$">
982
1900
  <description>Unknown Windows SSH server</description>
983
1901
  <example service.version="4.0.3">4.0.3 SSH Secure Shell Windows NT Server</example>
@@ -990,6 +1908,7 @@
990
1908
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
991
1909
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
992
1910
  </fingerprint>
1911
+
993
1912
  <fingerprint pattern="^ARRIS_(.*)$">
994
1913
  <description>ARRIS device (though not clear which) - www.arrisi.com</description>
995
1914
  <example service.version="0.50">ARRIS_0.50</example>
@@ -998,6 +1917,7 @@
998
1917
  <param pos="0" name="service.product" value="ARRIS"/>
999
1918
  <param pos="0" name="os.vendor" value="ARRIS"/>
1000
1919
  </fingerprint>
1920
+
1001
1921
  <fingerprint pattern="^Mocana SSH\s?(?:([\d.]+))?$">
1002
1922
  <description>Mocana Embedded SSH</description>
1003
1923
  <example service.version="5.3.1">Mocana SSH 5.3.1</example>
@@ -1007,6 +1927,7 @@
1007
1927
  <param pos="0" name="service.family" value="Embedded SSH Server"/>
1008
1928
  <param pos="0" name="service.product" value="Embedded SSH Server"/>
1009
1929
  </fingerprint>
1930
+
1010
1931
  <fingerprint pattern="^FreSSH\.(.*)$">
1011
1932
  <description>FreSSH</description>
1012
1933
  <example service.version="0.8">FreSSH.0.8</example>
@@ -1014,6 +1935,7 @@
1014
1935
  <param pos="0" name="service.family" value="FreSSH"/>
1015
1936
  <param pos="0" name="service.product" value="FreSSH"/>
1016
1937
  </fingerprint>
1938
+
1017
1939
  <fingerprint pattern="^RomCliSecure_(.*)$">
1018
1940
  <description>RomCliSecure appears to be the Adtran NetVanta products</description>
1019
1941
  <example service.version="4.12">RomCliSecure_4.12</example>
@@ -1025,6 +1947,7 @@
1025
1947
  <param pos="0" name="os.family" value="NetVanta"/>
1026
1948
  <param pos="0" name="os.product" value="NetVanta"/>
1027
1949
  </fingerprint>
1950
+
1028
1951
  <fingerprint pattern="^.*MultiNet.*$">
1029
1952
  <description>Process Software MultiNet is a suite of network apps for OpenVMS</description>
1030
1953
  <param pos="0" name="service.vendor" value="Process Software"/>
@@ -1035,12 +1958,14 @@
1035
1958
  <param pos="0" name="os.product" value="OpenVMS"/>
1036
1959
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:-"/>
1037
1960
  </fingerprint>
1961
+
1038
1962
  <fingerprint pattern="^dropbear$">
1039
1963
  <description>Dropbear w/o version - http://matt.ucc.asn.au/dropbear/dropbear.html</description>
1040
1964
  <example>dropbear</example>
1041
1965
  <param pos="0" name="service.family" value="Dropbear"/>
1042
1966
  <param pos="0" name="service.product" value="Dropbear"/>
1043
1967
  </fingerprint>
1968
+
1044
1969
  <fingerprint pattern="^dropbear_(.*)$">
1045
1970
  <description>Dropbear - http://matt.ucc.asn.au/dropbear/dropbear.html</description>
1046
1971
  <example service.version="2015.67">dropbear_2015.67</example>
@@ -1049,6 +1974,7 @@
1049
1974
  <param pos="0" name="service.family" value="Dropbear"/>
1050
1975
  <param pos="0" name="service.product" value="Dropbear"/>
1051
1976
  </fingerprint>
1977
+
1052
1978
  <fingerprint pattern="^lancom$">
1053
1979
  <description>LANCOM Systems - http://www.lancom-systems.de/</description>
1054
1980
  <example>lancom</example>
@@ -1057,6 +1983,7 @@
1057
1983
  <param pos="0" name="service.product" value="SSH"/>
1058
1984
  <param pos="0" name="os.vendor" value="LANCOM Systems"/>
1059
1985
  </fingerprint>
1986
+
1060
1987
  <fingerprint pattern="^0$">
1061
1988
  <description>MOVEit DMZ</description>
1062
1989
  <example>0</example>
@@ -1068,6 +1995,7 @@
1068
1995
  <param pos="0" name="os.product" value="Windows"/>
1069
1996
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1070
1997
  </fingerprint>
1998
+
1071
1999
  <fingerprint pattern="^Comware-(\d+\.?\d*\.?\d*)$">
1072
2000
  <description>SSH on H3C Comware</description>
1073
2001
  <example os.version="5.20.105">Comware-5.20.105</example>
@@ -1080,6 +2008,7 @@
1080
2008
  <param pos="0" name="os.family" value="Comware"/>
1081
2009
  <param pos="1" name="os.version"/>
1082
2010
  </fingerprint>
2011
+
1083
2012
  <fingerprint pattern="^Data ONTAP SSH [\d\.]+$">
1084
2013
  <description>SSH NetApp appliances</description>
1085
2014
  <example>Data ONTAP SSH 1.0</example>
@@ -1088,12 +2017,13 @@
1088
2017
  <param pos="0" name="os.product" value="Data ONTAP"/>
1089
2018
  <param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:-"/>
1090
2019
  </fingerprint>
2020
+
1091
2021
  <fingerprint pattern="^(\d\.\d+\.\d+) SSH Secure Shell OpenVMS V\d+\.\d+$">
1092
2022
  <description>SSH for OpenVMS</description>
1093
2023
  <example service.component.version="3.2.0">3.2.0 SSH Secure Shell OpenVMS V5.5</example>
1094
2024
  <example service.component.version="2.4.1">2.4.1 SSH Secure Shell OpenVMS V1.0</example>
1095
2025
  <param pos="1" name="service.component.version"/>
1096
- <param pos="0" name="service.component.vendor" value="SSH Communication Security"/>
2026
+ <param pos="0" name="service.component.vendor" value="SSH Communications Security"/>
1097
2027
  <param pos="0" name="service.component.family" value="SSH Secure Shell"/>
1098
2028
  <param pos="0" name="service.component.product" value="SSH Secure Shell"/>
1099
2029
  <param pos="0" name="service.vendor" value="HP"/>
@@ -1105,12 +2035,13 @@
1105
2035
  <param pos="0" name="os.certainty" value="0.75"/>
1106
2036
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:-"/>
1107
2037
  </fingerprint>
2038
+
1108
2039
  <fingerprint pattern="^(\d\.\d+\.\d+) SSH (?:Secure Shell )?OpenVMS V\d\.\d VMS_sftp_version (\d)$">
1109
2040
  <description>SSH for OpenVMS sftp</description>
1110
2041
  <example service.component.version="3.2.0" service.version="3">3.2.0 SSH Secure Shell OpenVMS V5.5 VMS_sftp_version 3</example>
1111
2042
  <example service.component.version="3.2.0" service.version="3">3.2.0 SSH OpenVMS V5.5 VMS_sftp_version 3</example>
1112
2043
  <param pos="1" name="service.component.version"/>
1113
- <param pos="0" name="service.component.vendor" value="SSH Communication Security"/>
2044
+ <param pos="0" name="service.component.vendor" value="SSH Communications Security"/>
1114
2045
  <param pos="0" name="service.component.family" value="SSH Secure Shell"/>
1115
2046
  <param pos="0" name="service.component.product" value="SSH Secure Shell"/>
1116
2047
  <param pos="0" name="service.vendor" value="HP"/>
@@ -1121,6 +2052,7 @@
1121
2052
  <param pos="0" name="os.family" value="OpenVMS"/>
1122
2053
  <param pos="0" name="os.certainty" value="0.75"/>
1123
2054
  </fingerprint>
2055
+
1124
2056
  <fingerprint pattern="^\S+ SSH Secure Shell Tru64 UNIX$">
1125
2057
  <description>Digital/Compaq/HP Tru64 Unix</description>
1126
2058
  <example>3.2.0 SSH Secure Shell Tru64 UNIX</example>
@@ -1129,17 +2061,21 @@
1129
2061
  <param pos="0" name="os.product" value="Tru64 Unix"/>
1130
2062
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64:-"/>
1131
2063
  </fingerprint>
1132
- <fingerprint pattern="^(?:SSH-(\d\.\d)-)?ROSSSH$">
2064
+
2065
+ <fingerprint pattern="^ROSSSH$">
1133
2066
  <description>MikroTik RouterOS sshd</description>
1134
2067
  <example>ROSSSH</example>
1135
- <example service.version="2.0">SSH-2.0-ROSSSH</example>
1136
- <param pos="1" name="service.version"/>
1137
2068
  <param pos="0" name="os.vendor" value="MikroTik"/>
1138
2069
  <param pos="0" name="os.device" value="Router"/>
1139
2070
  <param pos="0" name="os.family" value="RouterOS"/>
1140
2071
  <param pos="0" name="os.product" value="RouterOS"/>
1141
2072
  <param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:-"/>
1142
2073
  </fingerprint>
2074
+
2075
+ <!-- xlightftpd is an ftp server that also supports SFTP. The SFTP
2076
+ server appears in ssh studies, thus this banner is here, and
2077
+ not in ftp_banners.xml-->
2078
+
1143
2079
  <fingerprint pattern="^xlightftpd_release_([\d.]+)$">
1144
2080
  <description>Xlight FTP Server</description>
1145
2081
  <example service.version="3.8.3.6.1">xlightftpd_release_3.8.3.6.1</example>
@@ -1152,6 +2088,7 @@
1152
2088
  <param pos="0" name="os.product" value="Windows"/>
1153
2089
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1154
2090
  </fingerprint>
2091
+
1155
2092
  <fingerprint pattern="^libssh[-_]([\d.]+)$">
1156
2093
  <description>SSH server utilising libssh</description>
1157
2094
  <example service.version="0.6.0">libssh-0.6.0</example>
@@ -1162,6 +2099,28 @@
1162
2099
  <param pos="0" name="service.vendor" value="libssh"/>
1163
2100
  <param pos="0" name="service.cpe23" value="cpe:/a:libssh:libssh:{service.version}"/>
1164
2101
  </fingerprint>
2102
+
2103
+ <fingerprint pattern="^WeOnlyDo ([\d.]+)$">
2104
+ <description>WeOnlyDo with version</description>
2105
+ <example service.version="1.2.7">WeOnlyDo 1.2.7</example>
2106
+ <example service.version="2.0.1">WeOnlyDo 2.0.1</example>
2107
+ <example service.version="2.5.4">WeOnlyDo 2.5.4</example>
2108
+ <param pos="1" name="service.version"/>
2109
+ <param pos="0" name="service.family" value="WeOnlyDo"/>
2110
+ <param pos="0" name="service.vendor" value="WeOnlyDo"/>
2111
+ <param pos="0" name="service.product" value="WeOnlyDo SSH Server"/>
2112
+ </fingerprint>
2113
+
2114
+ <fingerprint pattern="^WeOnlyDo ([\d.]+) \(FIPS\)$">
2115
+ <description>WeOnlyDo with version with FIPS mode enabled</description>
2116
+ <example service.version="2.2.9">WeOnlyDo 2.2.9 (FIPS)</example>
2117
+ <example service.version="2.4.3">WeOnlyDo 2.4.3 (FIPS)</example>
2118
+ <param pos="1" name="service.version"/>
2119
+ <param pos="0" name="service.family" value="WeOnlyDo"/>
2120
+ <param pos="0" name="service.vendor" value="WeOnlyDo"/>
2121
+ <param pos="0" name="service.product" value="WeOnlyDo SSH Server"/>
2122
+ </fingerprint>
2123
+
1165
2124
  <!--
1166
2125
  1.2.22j4rad
1167
2126
  2.40
@@ -1170,8 +2129,10 @@ Server-VII
1170
2129
  9.9.1
1171
2130
  IPSSH-1.10.0
1172
2131
  -->
2132
+
1173
2133
  <!--
1174
2134
  Possibly Nortel Passport
1175
2135
  SSH_2.1.1
1176
2136
  -->
1177
- </fingerprints>
2137
+
2138
+ </fingerprints>