RubyGems - recog - Versions diffs - 2.3.9 → 2.3.14 - Mend

recog 2.3.9 → 2.3.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

checksums.yaml +4 -4
data/bin/recog_cleanup +0 -0
data/cpe-remap.yaml +18 -2
data/identifiers/service_product.txt +1 -0
data/identifiers/vendor.txt +1 -0
data/lib/recog/version.rb +1 -1
data/update_cpes.py +3 -0
data/xml/dns_versionbind.xml +116 -8
data/xml/favicons.xml +3 -2
data/xml/ftp_banners.xml +72 -10
data/xml/html_title.xml +28 -0
data/xml/http_servers.xml +418 -72
data/xml/http_wwwauth.xml +7 -7
data/xml/imap_banners.xml +43 -0
data/xml/pop_banners.xml +57 -2
data/xml/smtp_banners.xml +84 -2
data/xml/snmp_sysdescr.xml +2 -1
data/xml/ssh_banners.xml +7 -3
data/xml/telnet_banners.xml +227 -7
metadata +2 -2

data/xml/http_wwwauth.xml CHANGED

@@ -515,9 +515,9 @@
   <fingerprint pattern="^(?:Basic|Digest) realm=&quot;NETGEAR (Orbi(?:-(?:micro|mini))?)&quot;.*$">
     <description>Netgear Orbi</description>
-    <example hw.product="Orbi">Basic realm=&quot;NETGEAR Orbi&quot;</example>
-    <example hw.product="Orbi-micro">Basic realm=&quot;NETGEAR Orbi-micro&quot;</example>
-    <example hw.product="Orbi-mini">Basic realm=&quot;NETGEAR Orbi-mini&quot;</example>
+    <example hw.product="Orbi">Basic realm="NETGEAR Orbi"</example>
+    <example hw.product="Orbi-micro">Basic realm="NETGEAR Orbi-micro"</example>
+    <example hw.product="Orbi-mini">Basic realm="NETGEAR Orbi-mini"</example>
     <param pos="0" name="hw.vendor" value="Netgear"/>
     <param pos="0" name="hw.device" value="WAP"/>
     <param pos="0" name="hw.family" value="Orbi"/>
@@ -526,9 +526,9 @@
   <fingerprint pattern="(?:Basic|Digest) realm=&quot;NETGEAR ([a-zA-Z0-9\-\+]+)\s*&quot;.*$">
     <description>Netgear Routers</description>
-    <example hw.product="DG834">Basic realm=&quot;NETGEAR DG834  &quot;</example>
-    <example hw.product="C7000v2">Basic realm=&quot;NETGEAR C7000v2&quot;</example>
-    <example hw.product="R7000P">Basic realm=&quot;NETGEAR R7000P&quot;</example>
+    <example hw.product="DG834">Basic realm="NETGEAR DG834  "</example>
+    <example hw.product="C7000v2">Basic realm="NETGEAR C7000v2"</example>
+    <example hw.product="R7000P">Basic realm="NETGEAR R7000P"</example>
     <param pos="0" name="hw.vendor" value="Netgear"/>
     <param pos="0" name="hw.device" value="Router"/>
     <param pos="1" name="hw.product"/>
@@ -538,7 +538,7 @@
   <fingerprint pattern="(?:Basic|Digest) realm=&quot;Netgear&quot;.*$">
     <description>Netgear Unspecified Router</description>
-    <example>Basic realm=&quot;Netgear&quot;</example>
+    <example>Basic realm="Netgear"</example>
     <param pos="0" name="hw.vendor" value="Netgear"/>
     <param pos="0" name="hw.device" value="Router"/>
   </fingerprint>

data/xml/imap_banners.xml CHANGED

@@ -113,8 +113,49 @@
     <description>Dovecot Secure IMAP Server</description>
     <example>Dovecot ready.</example>
     <example>Dovecot DA ready.</example>
+    <param pos="0" name="service.vendor" value="Dovecot"/>
     <param pos="0" name="service.family" value="Dovecot"/>
     <param pos="0" name="service.product" value="Dovecot"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:dovecot:dovecot:-"/>
+  </fingerprint>
+  <fingerprint pattern="^Dovecot \(Ubuntu\) ready\.$">
+    <description>Dovecot Secure IMAP Server - Ubuntu variant</description>
+    <example>Dovecot (Ubuntu) ready.</example>
+    <param pos="0" name="service.vendor" value="Dovecot"/>
+    <param pos="0" name="service.family" value="Dovecot"/>
+    <param pos="0" name="service.product" value="Dovecot"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:dovecot:dovecot:-"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
+  </fingerprint>
+  <fingerprint pattern="^Dovecot \(Debian\) ready\.$">
+    <description>Dovecot Secure IMAP Server - Debian variant</description>
+    <example>Dovecot (Debian) ready.</example>
+    <param pos="0" name="service.vendor" value="Dovecot"/>
+    <param pos="0" name="service.family" value="Dovecot"/>
+    <param pos="0" name="service.product" value="Dovecot"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:dovecot:dovecot:-"/>
+    <param pos="0" name="os.vendor" value="Debian"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:-"/>
+  </fingerprint>
+  <fingerprint pattern="^Dovecot \(Raspbian\) ready\.$">
+    <description>Dovecot Secure IMAP Server - Raspbian variant</description>
+    <example>Dovecot (Raspbian) ready.</example>
+    <param pos="0" name="service.vendor" value="Dovecot"/>
+    <param pos="0" name="service.family" value="Dovecot"/>
+    <param pos="0" name="service.product" value="Dovecot"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:dovecot:dovecot:-"/>
+    <param pos="0" name="os.vendor" value="Raspbian"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="hw.product" value="Raspberry Pi"/>
   </fingerprint>
   <fingerprint pattern="^Courier-IMAP ready. Copyright \d+-\d+">
@@ -163,6 +204,7 @@
     <param pos="0" name="service.family" value="Cyrus MTA"/>
     <param pos="0" name="service.product" value="Cyrus IMAP"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:cmu:cyrus_imap_server:{service.version}"/>
     <param pos="0" name="os.vendor" value="Apple"/>
     <param pos="0" name="os.family" value="Mac OS X"/>
     <param pos="0" name="os.product" value="Mac OS X"/>
@@ -179,6 +221,7 @@
     <param pos="0" name="service.family" value="Cyrus MTA"/>
     <param pos="0" name="service.product" value="Cyrus IMAP"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:cmu:cyrus_imap_server:{service.version}"/>
     <param pos="1" name="host.name"/>
   </fingerprint>

data/xml/pop_banners.xml CHANGED

@@ -180,11 +180,55 @@
   <fingerprint pattern="^[dD]ovecot (?:DA )?ready\.(?: &lt;.+@(.+)&gt;)?$">
     <description>Dovecot Secure POP Server</description>
+    <example>Dovecot ready.</example>
+    <example>Dovecot DA ready.</example>
+    <example host.name="foo.bar.baz">Dovecot ready. &lt;fea.13865d.5f06b0a4.DuIvzQI4DAGR9MurahIGJw==@foo.bar.baz&gt;</example>
+    <param pos="0" name="service.vendor" value="Dovecot"/>
     <param pos="0" name="service.family" value="Dovecot"/>
     <param pos="0" name="service.product" value="Dovecot"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:dovecot:dovecot:-"/>
     <param pos="1" name="host.name"/>
   </fingerprint>
+  <fingerprint pattern="^Dovecot \(Ubuntu\) ready\.$">
+    <description>Dovecot Secure POP Server - Ubuntu variant</description>
+    <example>Dovecot (Ubuntu) ready.</example>
+    <param pos="0" name="service.vendor" value="Dovecot"/>
+    <param pos="0" name="service.family" value="Dovecot"/>
+    <param pos="0" name="service.product" value="Dovecot"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:dovecot:dovecot:-"/>
+    <param pos="0" name="os.vendor" value="Ubuntu"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
+  </fingerprint>
+  <fingerprint pattern="^Dovecot \(Debian\) ready\.$">
+    <description>Dovecot Secure POP Server - Debian variant</description>
+    <example>Dovecot (Debian) ready.</example>
+    <param pos="0" name="service.vendor" value="Dovecot"/>
+    <param pos="0" name="service.family" value="Dovecot"/>
+    <param pos="0" name="service.product" value="Dovecot"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:dovecot:dovecot:-"/>
+    <param pos="0" name="os.vendor" value="Debian"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:-"/>
+  </fingerprint>
+  <fingerprint pattern="^Dovecot \(Raspbian\) ready\.$">
+    <description>Dovecot Secure POP Server - Raspbian variant</description>
+    <example>Dovecot (Raspbian) ready.</example>
+    <param pos="0" name="service.vendor" value="Dovecot"/>
+    <param pos="0" name="service.family" value="Dovecot"/>
+    <param pos="0" name="service.product" value="Dovecot"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:dovecot:dovecot:-"/>
+    <param pos="0" name="os.vendor" value="Raspbian"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="hw.product" value="Raspberry Pi"/>
+  </fingerprint>
   <fingerprint pattern="^(\S+) Zimbra POP3 server ready\.?$">
     <description>VMware Zimbra POP</description>
     <example host.name="foo.bar">foo.bar Zimbra POP3 server ready</example>
@@ -301,6 +345,19 @@
     <param pos="1" name="service.version"/>
   </fingerprint>
+  <fingerprint pattern="^Welcome to MailEnable POP3 Server$">
+    <description>MailEnable POP3</description>
+    <example>Welcome to MailEnable POP3 Server</example>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
+    <param pos="0" name="service.vendor" value="MailEnable"/>
+    <param pos="0" name="service.family" value="Mail Server"/>
+    <param pos="0" name="service.product" value="MailEnable"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:mailenable:mailenable:-"/>
+  </fingerprint>
   <!--
 ; Mandrake 8.1 - uses UW IMAP
 ; +OK POP3 mandrake81-f540k v2000.70mdk server ready
@@ -330,7 +387,6 @@
 // +OK Gordano Messaging Suite POP3 server ready <13501095613509@hollandcanadaline.com>
 // +OK unitechna.lt Merak 8.9.1 POP3 Sun, 22 Jul 2007 23:16:25 +0300 <20070722231625@unitechna.lt>
 // +OK Cubic Circle's v1.31 1998/05/13 POP3 ready <0c9300004104a246@www.dvdld.co.za>
-// +OK Welcome to MailEnable POP3 Server
 // +OK GroupWise POP3 server ready
 // +OK POP3 AnalogX Proxy 4.14 (Release) ready.
 // +OK lojack.com.ar POP MDaemon 9.6.0 ready <MDAEMON-F200707232110.AA1001241MD4604@lojack.com.ar>
@@ -471,7 +527,6 @@
 +OK studiovisuals.com POP3 Server (Version 1.020h) ready.
 +OK themeekermall.com POP3 Server (Version 1.020h) ready.
 +OK unitechna.lt Merak 8.9.1 POP3 Sun, 22 Jul 2007 23:16:25 +0300 <20070722231625@unitechna.lt>
-+OK Welcome to MailEnable POP3 Server
 +OK X1 NT-POP3 Server 2436681011.monstercommercesites.com (IMail 7.15 560907-1)
 +OK X1 NT-POP3 Server Calvin-Serv (IMail 8.22 1107-1)
 +OK X1 NT-POP3 Server chealsea.com.cn (IMail 8.15 16990-1)

data/xml/smtp_banners.xml CHANGED

@@ -861,6 +861,7 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:ibm:lotus_domino:{service.version}"/>
     <param pos="3" name="system.time"/>
   </fingerprint>
@@ -940,11 +941,13 @@
   <fingerprint pattern="^([^ ]+) Postfix \(Postfix-([^ ]+)-([^ ]+)\) \(([^ ]+)\) *$">
     <description>Postfix - version + build, followed by os</description>
+    <param pos="0" name="service.vendor" value="Postfix"/>
     <param pos="0" name="service.family" value="Postfix"/>
     <param pos="0" name="service.product" value="Postfix"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
     <param pos="3" name="service.version.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:{service.version}"/>
     <param pos="4" name="postfix.os.info"/>
   </fingerprint>
@@ -952,27 +955,33 @@
     <description>Postfix - Std semantic versioning, w/ optional parens</description>
     <example service.version="3.1.4">foo.bar ESMTP Postfix (3.1.4)</example>
     <example service.version="2.7.1">foo.bar ESMTP Postfix 2.7.1</example>
+    <param pos="0" name="service.vendor" value="Postfix"/>
     <param pos="0" name="service.family" value="Postfix"/>
     <param pos="0" name="service.product" value="Postfix"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:{service.version}"/>
   </fingerprint>
   <fingerprint pattern="^([^ ]+) ESMTP Postfix \((?:Postfix-)?([\d.]+)-([^ ]+)\)$">
     <description>Postfix - version + build</description>
     <example service.version="2.8" service.version.version="20100306">foo.bar ESMTP Postfix (2.8-20100306)</example>
+    <param pos="0" name="service.vendor" value="Postfix"/>
     <param pos="0" name="service.family" value="Postfix"/>
     <param pos="0" name="service.product" value="Postfix"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
     <param pos="3" name="service.version.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:{service.version}"/>
   </fingerprint>
   <fingerprint pattern="^([^ ]+) +E?SMTP Postfix \(Ubuntu\)$">
     <description>Postfix - Ubuntu</description>
     <example>foo.bar ESMTP Postfix (Ubuntu)</example>
+    <param pos="0" name="service.vendor" value="Postfix"/>
     <param pos="0" name="service.family" value="Postfix"/>
     <param pos="0" name="service.product" value="Postfix"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
     <param pos="1" name="host.name"/>
     <param pos="0" name="os.vendor" value="Ubuntu"/>
     <param pos="0" name="os.family" value="Linux"/>
@@ -984,8 +993,10 @@
     <description>Postfix - Ubuntu, Mail-in-a-Box package</description>
     <example>foo.bar ESMTP Hi, I'm a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/)</example>
     <example>foo.bar Hi, I'm a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/)</example>
+    <param pos="0" name="service.vendor" value="Postfix"/>
     <param pos="0" name="service.family" value="Postfix"/>
     <param pos="0" name="service.product" value="Postfix"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
     <param pos="1" name="host.name"/>
     <param pos="0" name="os.vendor" value="Ubuntu"/>
     <param pos="0" name="os.family" value="Linux"/>
@@ -996,8 +1007,10 @@
   <fingerprint pattern="^([^ ]+) +E?SMTP Postfix \(Debian/GNU\)$">
     <description>Postfix - Debian</description>
     <example>foo.bar ESMTP Postfix (Debian/GNU)</example>
+    <param pos="0" name="service.vendor" value="Postfix"/>
     <param pos="0" name="service.family" value="Postfix"/>
     <param pos="0" name="service.product" value="Postfix"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
     <param pos="1" name="host.name"/>
     <param pos="0" name="os.vendor" value="Debian"/>
     <param pos="0" name="os.family" value="Linux"/>
@@ -1008,8 +1021,10 @@
   <fingerprint pattern="^([^ ]+) ESMTP.* Postfix *\(.+\) *$">
     <description>Postfix - generic banner with amusing comments in parentheses</description>
     <example>foo.bar ESMTP Postfix (lol)</example>
+    <param pos="0" name="service.vendor" value="Postfix"/>
     <param pos="0" name="service.family" value="Postfix"/>
     <param pos="0" name="service.product" value="Postfix"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
     <param pos="1" name="host.name"/>
   </fingerprint>
@@ -1017,23 +1032,29 @@
     <description>Postfix - generic banner</description>
     <example>foo.bar ESMTP Postfix</example>
     <example>foo.bar SMTP Postfix</example>
+    <param pos="0" name="service.vendor" value="Postfix"/>
     <param pos="0" name="service.family" value="Postfix"/>
     <param pos="0" name="service.product" value="Postfix"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
     <param pos="1" name="host.name"/>
   </fingerprint>
   <fingerprint pattern="^ *ESMTP Postfix$">
     <description>Postfix - banner without hostname or version</description>
     <example>ESMTP Postfix</example>
+    <param pos="0" name="service.vendor" value="Postfix"/>
     <param pos="0" name="service.family" value="Postfix"/>
     <param pos="0" name="service.product" value="Postfix"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
   </fingerprint>
   <fingerprint pattern="^(?i)([^ ]+) POSTFIX$">
     <description>Postfix - generic w/o ESMTP</description>
     <example host.name="foo.bar">foo.bar Postfix</example>
+    <param pos="0" name="service.vendor" value="Postfix"/>
     <param pos="0" name="service.family" value="Postfix"/>
     <param pos="0" name="service.product" value="Postfix"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:postfix:postfix:-"/>
     <param pos="1" name="host.name"/>
   </fingerprint>
@@ -1070,13 +1091,16 @@
   <fingerprint pattern="^Sendmail ESMTP ready$">
     <description>Sendmail - short banner w/o hostname, version, platform, or date.</description>
     <example>Sendmail ESMTP ready</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:-"/>
   </fingerprint>
   <fingerprint pattern="^([^ ]+) +ESMTP +Sendmail +([^ ]+) \(PHNE_([^ ]+)\) */ *(.+); *(.+) \(.+\)$">
     <description>Sendmail - HP-UX with a PHNE (HP Networking patch) installed</description>
     <example host.name="foo.bar" service.version="8.8.6" sendmail.config.version="8.7.1">foo.bar ESMTP Sendmail 8.8.6 (PHNE_14041)/8.7.1; Tue, 6 Feb 2001 10:04:32 -0300 (SAT)</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="HP"/>
@@ -1086,6 +1110,7 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="sendmail.hpux.phne.version"/>
     <param pos="4" name="sendmail.config.version"/>
     <param pos="5" name="system.time"/>
@@ -1094,6 +1119,7 @@
   <fingerprint pattern="^(\S+) ESMTP Sendmail \S+ version ([\d\.]+) - Revision \S+ HP-UX([\d\.]+).*(\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ \w\w\w)$">
     <description>Sendmail - HP-UX</description>
     <example host.name="foo.bar" os.version="11.31" service.version="8.13.3">foo.bar ESMTP Sendmail @(#)Sendmail version 8.13.3 - Revision 1.004:: HP-UX11.31 - 03rd February,2010/8.11.1; Wed, 20 May 2015 23:35:38 GMT</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="HP"/>
@@ -1104,12 +1130,14 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="4" name="system.time"/>
   </fingerprint>
   <fingerprint pattern="^([^ ]+) +ESMTP +Sendmail +([^ ]+)/UW([^ ]+) ready at *(.+) \(.+\) *$">
     <description>Sendmail - Unixware</description>
     <example service.version="8.8.7">foo.bar ESMTP Sendmail 8.8.7/UW7.1.0 ready at Tue, 6 Feb 2001 16:39:30 -0300 (GMT-0300)</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="SCO"/>
@@ -1118,6 +1146,7 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="os.version"/>
     <param pos="4" name="system.time"/>
   </fingerprint>
@@ -1125,6 +1154,7 @@
   <fingerprint pattern="^([^ ]+) ESMTP Sendmail AIX([^/]+)/UCB ([^;]+); (.+) \(.+\)$">
     <description>Sendmail - AIX (UCB variant)</description>
     <example os.version="4.2" service.version="8.7">foo.bar ESMTP Sendmail AIX4.2/UCB 8.7; Sun, 29 Jul 2001 22:34:37 -0400 (EDT)</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="IBM"/>
@@ -1135,12 +1165,14 @@
     <param pos="2" name="os.version"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:{os.version}"/>
     <param pos="3" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="4" name="system.time"/>
   </fingerprint>
   <fingerprint pattern="^([^ ]+) Sendmail AIX([^/]+)/UCB ([^/]+)/([^ ]+) ready at (.+)$">
     <description>Sendmail - AIX (UCB/ready at variant)</description>
     <example>foo.bar Sendmail AIX 4.1/UCB 5.64/4.03 ready at Mon, 30 Jul 2001 00:42:21 -0500</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="IBM"/>
@@ -1151,6 +1183,7 @@
     <param pos="2" name="os.version"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:{os.version}"/>
     <param pos="3" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="4" name="sendmail.config.version"/>
     <param pos="5" name="system.time"/>
   </fingerprint>
@@ -1159,6 +1192,7 @@
     <description>Sendmail - AIX</description>
     <example host.name="foo.bar" os.version="4.2" service.version="8.7" sendmail.config.version="8.8">foo.bar ESMTP Sendmail AIX4.2/8.7/8.8; Sun, 29 Jul 2001 22:34:37 -0400 (EDT)</example>
     <example host.name="foo.bar" os.version="5.1" service.version="8.11.6p2" sendmail.config.version="8.11.0">foo.bar ESMTP Sendmail AIX5.1/8.11.6p2/8.11.0; Fri, 28 Aug 1970 19:42:05 -0800</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="IBM"/>
@@ -1169,6 +1203,7 @@
     <param pos="2" name="os.version"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:{os.version}"/>
     <param pos="3" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="4" name="sendmail.config.version"/>
     <param pos="5" name="system.time"/>
   </fingerprint>
@@ -1176,6 +1211,7 @@
   <fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^/]+)/([^/]+)/SuSE Linux ([^;]+); (.+)$">
     <description>Sendmail - SuSE Linux</description>
     <example>foo.bar ESMTP Sendmail 8.9.3/8.9.3/SuSE Linux 8.9.3-0.1; Mon, 30 Jul 2001 04:48:54 +0200</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="SuSE"/>
@@ -1185,6 +1221,7 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="sendmail.config.version"/>
     <param pos="4" name="sendmail.vendor.version"/>
     <param pos="5" name="system.time"/>
@@ -1193,6 +1230,7 @@
   <fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^ ]+)\+Sun/([^ ]+); (.+)$">
     <description>Sendmail - Solaris with date (no time offeset variant)</description>
     <example>foo.bar ESMTP Sendmail 8.9.3+Sun/8.9.1; Mon, 30 Jul 2001 02:50:22 GMT</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="Sun"/>
@@ -1202,6 +1240,7 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss zzz"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="sendmail.config.version"/>
     <param pos="4" name="system.time"/>
   </fingerprint>
@@ -1209,6 +1248,7 @@
   <fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^ ]+)\+Sun/([^ ]+) ready at (.+) \(.+\)$">
     <description>Sendmail - Solaris with date (ready variant)</description>
     <example>foo.bar ESMTP Sendmail 8.8.8+Sun/8.6.4 ready at Thu, 15 Nov 2000 11:40:32 -0800 (PST)</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="Sun"/>
@@ -1218,6 +1258,7 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="sendmail.config.version"/>
     <param pos="4" name="system.time"/>
   </fingerprint>
@@ -1226,6 +1267,7 @@
     <description>Sendmail - Debian</description>
     <example service.version="8.12.0.Beta7" sendmail.config.version="8.12.0.Beta7" sendmail.vendor.version="8.12.0.Beta7-1">foo.bar ESMTP Debian Sendmail 8.12.0.Beta7/8.12.0.Beta7/Debian 8.12.0.Beta7-1; Sun, 29 Jul 2001 18:52:20 -0800</example>
     <example service.version="8.11.0" sendmail.config.version="8.9.3" sendmail.vendor.version="8.9.3-21">foo.bar ESMTP Sendmail 8.11.0/8.9.3/Debian 8.9.3-21; Sun, 29 Jul 2001 19:51:00 -0700</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="Debian"/>
@@ -1235,6 +1277,7 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="sendmail.config.version"/>
     <param pos="4" name="sendmail.vendor.version"/>
     <param pos="5" name="system.time"/>
@@ -1244,6 +1287,7 @@
     <description>Sendmail - Debian 7.x (wheezy)</description>
     <example service.version="8.14.4">foo.bar ESMTP Sendmail 8.14.4/8.14.4/Debian-4+wheezy1; Thu, 30 Nov 2017 10:33:05 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
     <example service.version="8.14.4">foo.bar ESMTP Sendmail 8.14.4/8.14.4/Debian-4+deb7u1; Thu, 30 Nov 2017 11:00:33 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="Debian"/>
@@ -1254,6 +1298,7 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="sendmail.config.version"/>
     <param pos="4" name="system.time"/>
   </fingerprint>
@@ -1261,6 +1306,7 @@
   <fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^/]+)/([^/]+)/Debian-\d\+deb8u\d; (.+); .*$">
     <description>Sendmail - Debian 8.x (jessie)</description>
     <example service.version="8.14.4">foo.bar ESMTP Sendmail 8.14.4/8.14.4/Debian-8+deb8u2; Thu, 30 Nov 2017 10:25:48 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="Debian"/>
@@ -1271,6 +1317,7 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="sendmail.config.version"/>
     <param pos="4" name="system.time"/>
   </fingerprint>
@@ -1278,6 +1325,7 @@
   <fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^/]+)/([^/]+)/Debian-\d\+lenny\d; (.+); .*$">
     <description>Sendmail - Debian 5.x (lenny)</description>
     <example service.version="8.14.3">foo.bar ESMTP Sendmail 8.14.3/8.14.3/Debian-5+lenny1; Thu, 30 Nov 2017 12:29:40 +0300; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="Debian"/>
@@ -1288,6 +1336,7 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="sendmail.config.version"/>
     <param pos="4" name="system.time"/>
   </fingerprint>
@@ -1295,6 +1344,7 @@
   <fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^/]+)/([^/]+)/Debian-\d\+etch\d; (.+); .*$">
     <description>Sendmail - Debian 4.x (etch)</description>
     <example service.version="8.13.8" sendmail.config.version="8.13.8">foo.bar ESMTP Sendmail 8.13.8/8.13.8/Debian-3+etch1; Thu, 30 Nov 2017 10:28:23 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="Debian"/>
@@ -1305,6 +1355,7 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="sendmail.config.version"/>
     <param pos="4" name="system.time"/>
   </fingerprint>
@@ -1312,6 +1363,7 @@
   <fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^/]+)/([^/]+)/Debian-\dsarge\d; (.+); .*$">
     <description>Sendmail - Debian 3.1 (sarge)</description>
     <example service.version="8.13.4">foo.bar ESMTP Sendmail 8.13.4/8.13.4/Debian-3sarge1; Thu, 30 Nov 2017 10:55:47 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="Debian"/>
@@ -1322,6 +1374,7 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="sendmail.config.version"/>
     <param pos="4" name="system.time"/>
   </fingerprint>
@@ -1331,6 +1384,7 @@
     <example service.version="8.15.2">foo.bar ESMTP Sendmail 8.15.2/8.15.2/Debian-3; Thu, 30 Nov 2017 10:55:50 +0200; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
     <example service.version="8.14.3">foo.bar ESMTP Sendmail 8.14.3/8.14.3/Debian-9.4; Thu, 30 Nov 2017 10:11:54 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
     <example service.version="8.14.2">foo.bar ESMTP Sendmail 8.14.2/8.14.2/Debian-2build1; Thu, 30 Nov 2017 04:09:50 -0600; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="Debian"/>
@@ -1340,6 +1394,7 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="sendmail.config.version"/>
     <param pos="4" name="system.time"/>
   </fingerprint>
@@ -1348,6 +1403,7 @@
     <description>Sendmail - Ubuntu</description>
     <example service.version="8.13.5.20060308">foo.bar ESMTP Sendmail 8.13.5.20060308/8.13.5/Debian-3ubuntu1.1; Fri, 24 Jul 2009 01:41:21 -0700; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
     <example service.version="8.14.4">foo.bar ESMTP Sendmail 8.14.4/8.14.4/Debian-4.1ubuntu1; Thu, 30 Nov 2017 11:00:30 +0100; (No UCE/UBE) logging access from: xyz.foo.bar(OK)-xyz.foo.bar [10.0.0.1]</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="Ubuntu"/>
@@ -1357,12 +1413,14 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="system.time"/>
   </fingerprint>
   <fingerprint pattern="^([^ ]+) (?:E?SMTP )?Sendmail SMI-([^/]+)/(SMI-SVR4) ready at (.+)$">
     <description>Sendmail - Solaris (SMI variant)</description>
     <example>foo.bar Sendmail SMI-8.6/SMI-SVR4 ready at Sun, 29 Jul 2001 22:58:46 -0400</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.vendor" value="Sun"/>
@@ -1372,6 +1430,7 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="sendmail.config.version"/>
     <param pos="4" name="system.time"/>
   </fingerprint>
@@ -1379,6 +1438,7 @@
   <fingerprint pattern="^([^ ]+) ESMTP Sendmail ([^ ]+)/(linuxconf); (.+)$">
     <description>Sendmail - unknown platform (linuxconf variant)</description>
     <example>foo.bar ESMTP Sendmail 8.9.3/linuxconf; Sun, 29 Jul 2001 22:48:28 -0400</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="os.family" value="Linux"/>
@@ -1386,6 +1446,7 @@
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="sendmail.config.version"/>
     <param pos="4" name="system.time"/>
   </fingerprint>
@@ -1417,10 +1478,12 @@
     <example host.name="foo.bar" service.version="8.8.8" sendmail.config.version="8.8.9">foo.bar ESMTP blah Sendmail 8.8.8/8.8.9; Wed, 21 Nov 2001 23:39:07 +0100 (CET)</example>
     <example host.name="foo.bar" service.version="8.10.2" sendmail.config.version="8.10.3">foo.bar ESMTP Sendmail 8.10.2/8.10.3; Mon, 10 Sep 2001 08:37:14 -0400</example>
     <example host.name="foo.bar" service.version="8.13.8" sendmail.config.version="8.13.9">foo.bar ESMTP foo-MTA Sendmail 8.13.8/8.13.9; Mon, 18 Apr 2011 08:52:38 -0700</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="sendmail.config.version"/>
     <param pos="4" name="system.time"/>
   </fingerprint>
@@ -1428,10 +1491,12 @@
   <fingerprint pattern="^([^ ]+) +ESMTP .*Sendmail +([^/ ]+) */ *([^/ ]+); *(\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ \w+)\.?$">
     <description>Sendmail - with timezone and timestamp, w/o timezone offset or OS</description>
     <example host.name="foo.bar" service.version="8.14.4" sendmail.config.version="8.14.4" system.time="Thu, 5 Apr 2018 19:30:58 GMT">foo.bar ESMTP Sendmail 8.14.4/8.14.4; Thu, 5 Apr 2018 19:30:58 GMT</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="sendmail.config.version"/>
     <param pos="4" name="system.time"/>
   </fingerprint>
@@ -1439,33 +1504,39 @@
   <fingerprint pattern="^([^ ]+) +ESMTP +Sendmail ([^ ]+) ready at *(\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ [-+]\d\d\d\d)(?: \(.+\))$">
     <description>Sendmail - with version and date (optional timezone), w/o config version</description>
     <example host.name="foo.bar" service.version="8.8.8" system.time="Tue, 6 Feb 2001 14:37:14 +0100">foo.bar ESMTP Sendmail 8.8.8 ready at Tue, 6 Feb 2001 14:37:14 +0100 (CET)</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="system.time"/>
   </fingerprint>
   <fingerprint pattern="^([^ ]+) +ESMTP +Sendmail ([^ /]+) - \([^\)]+\)/[^ ]+;? *(\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ [-+]\d\d\d\d)(?: \(.+\)) *$">
     <description>Sendmail - revision variant 1</description>
     <example>foo.foo.bar ESMTP Sendmail 8.11.1 - (Revision 1.010)/8.9.3; Sat, 22 Jan 2011 10:08:35 -0500 (EST)</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="system.time"/>
   </fingerprint>
   <fingerprint pattern="^([^ ]+) +ESMTP +Sendmail +(?:[^ ]+) +version +([^ ]+) +- +(?:[^;]+); *(\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ [-+]\d\d\d\d)(?: \(.+\)) *$">
     <description>Sendmail - revision variant 2</description>
     <example>foo.foo.bar ESMTP Sendmail @(#)Sendmail version 8.13.3 - Revision 2.007 - 8 December 2008/8.8.6; Wed, 21 Jul 2010 11:17:01 -0400 (EDT)</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="system.time"/>
   </fingerprint>
@@ -1480,8 +1551,10 @@
     <example host.name="foo.bar">foo.bar ESMTP Sendmail ready. </example>
     <example host.name="foo.bar">foo.bar ESMTP Sendmail</example>
     <example host.name="foo.bar">foo.bar Sendmail ready. </example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:-"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="system.time"/>
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
@@ -1490,10 +1563,12 @@
   <fingerprint pattern="^ESMTP Sendmail +([^/ ]+) */ *([^/ ]+); (\w\w\w, \d+ \w\w\w \d\d\d\d [\d:]+ [-+]\d\d\d\d)$">
     <description>Sendmail - with version and date, w/o hostname or platform (semicolon variant)</description>
     <example service.version="8.13.1" sendmail.config.version="8.13.1" system.time="Thu, 30 Nov 2017 01:58:22 -0700">ESMTP Sendmail  8.13.1/8.13.1; Thu, 30 Nov 2017 01:58:22 -0700</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="2" name="sendmail.config.version"/>
     <param pos="3" name="system.time"/>
   </fingerprint>
@@ -1501,11 +1576,13 @@
   <fingerprint pattern="^([^ ]+) +ESMTP +Sendmail ([^ /]+) \([^\)]+\) *(.+) \(.+\)$">
     <description>Sendmail - unknown (date in version string variant)</description>
     <example>mail.foo.bar ESMTP Sendmail 8.11.1 (1.1.2.11/12Jul01-1016AM) Wed, 8 Jan 2003 11:21:22 +0100 (MET)</example>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss Z"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="system.time"/>
   </fingerprint>
@@ -1513,19 +1590,23 @@
   <fingerprint pattern="^([^ ]+) Sendmail ([^;]+); ([^;\.]+)$">
     <description>Sendmail - unknown platform, variant 1</description>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="0" name="system.time.format" value="EEE, d MMM yyyy HH:mm:ss zzz"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="3" name="system.time"/>
   </fingerprint>
   <fingerprint pattern="^Sendmail ([^/]+)/([^/]+) ready on ([^ ]+)$">
     <description>Sendmail - basic with version and date</description>
+    <param pos="0" name="service.vendor" value="Sendmail"/>
     <param pos="0" name="service.family" value="Sendmail"/>
     <param pos="0" name="service.product" value="Sendmail"/>
     <param pos="1" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sendmail:sendmail:{service.version}"/>
     <param pos="2" name="sendmail.config.version"/>
     <param pos="3" name="host.name"/>
   </fingerprint>
@@ -1751,11 +1832,12 @@
     <example host.name="foo.bar" service.version="5.3.1">foo.bar ESMTP CommuniGate Pro 5.3.1</example>
     <example host.name="foo.bar" service.version="6.2c3">foo.bar ESMTP CommuniGate Pro 6.2c3</example>
     <example host.name="foo.bar" service.version="4.3.12">foo.bar ESMTP CommuniGate Pro 4.3.12. It is you again :-(</example>
-    <param pos="0" name="service.vendor" value="Communigater"/>
+    <param pos="0" name="service.vendor" value="Communigate"/>
     <param pos="0" name="service.family" value="Pro"/>
-    <param pos="0" name="service.product" value="ESMTP"/>
+    <param pos="0" name="service.product" value="Communigate Pro"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:communigate:communigate_pro:{service.version}"/>
   </fingerprint>
   <fingerprint pattern="^(\S+) NO UCE NO UBE NO RELAY PROBES ESMTP">