Cisco Cisco Firepower Management Center 4000 Entwickleranleitung
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
328
Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Chapter 4
Scan Vulnerability Data Block for 4.10.0+
The Scan Vulnerability data block describes a vulnerability and is used within Scan
Result data blocks, which in turn are used in Add Scan Result events (event type
1002, subtype 11). For more information, see
on page 221. The Scan Vulnerability
data block has a block type of 109 in the series 1 group of blocks.
The following diagram shows the format of a Scan Vulnerability data block:
The following diagram shows the format of a Scan Vulnerability data block:
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Scan Vulnerability Block Type (109)
Scan Vulnerability Block Length
Port
Protocol
ID
String Block Type (0)
String Block Length
ID
Name
String Block Type (0)
String Block Length
Vulnerability Name...
Description
String Block Type (0)
String Block Length
Description...
Name Clean
String Block Type (0)
String Block Length
Vulnerability Name Clean...
Description
Clean
String Block Type (0)
String Block Length
Description Clean...