Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
339
Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Chapter 4
Operating System Fingerprint Data Block 5.1+
The Operating System Fingerprint data block has a block type of 130 in the series
1 group of blocks. The block includes a fingerprint Universally Unique Identifier
(UUID), as well as the fingerprint type, the fingerprint source type, and the
fingerprint source ID.
Vulnerability
ID
uint32
The Sourcefire vulnerability ID.
Third-Party
Vulnerability
UUID
uint8 [16]
A unique ID number for the third-party
vulnerability, if one exists. Otherwise, the value
is 0.
String Block
Type
uint32
Initiates a String data block for the vulnerability
name. The value is always 0.
String Block
Length
uint32
The number of bytes in the String data block for
the vulnerability name, including eight bytes for
the string block type and length, plus the
number of bytes in the vulnerability name.
Vulnerability
Name
string
The vulnerability name.
Client
Application ID
uint32
The application ID of the client application. For
server vulnerabilities, the value is 0.
Application
Protocol ID
uint32
The application ID of the application protocol
used by client application. For server
vulnerabilities, the value is 0.
String Block
Type
uint32
Initiates a String data block for the version
string. The value is always 0.
String Block
Length
uint32
The number of bytes in the String data block for
the version, including eight bytes for the string
block type and length, plus the number of bytes
in the client application version string.
Version
string
The client application version. For server
vulnerabilities, the value is 0.
User Vulnerability Data Block Fields (Continued)
F
IELD
D
ATA
T
YPE
D
ESCRIPTION