Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
548
Understanding Legacy Data Structures
Legacy Discovery Data Structures
Appendix B
Scan Result Data Block 4.10.0 - 5.1.1.x
The Scan Result data block describes a vulnerability and is used within Add Scan
Result events (event type 1002, subtype 11). The Scan Result data block has a
block type of 102.
The following diagram shows the format of a Scan Result data block:
The following diagram shows the format of a Scan Result data block:
Generic Scan
Results Block
Type
uint32
Initiates a Generic Scan Results data block
describing server and operating system data
detected during a scan. This value is always 71.
Generic Scan
Results Block
Length
uint32
Number of bytes in the Generic Scan Results
data block, including eight bytes for the generic
scan results block type and length fields, plus the
number of bytes in the scan result data that
follows.
Generic Scan
Results
Data*
variable
Information relating to each scan result.
Generic List
Block Type
uint32
Initiates a Generic List data block comprising
User Product data blocks conveying host input
data from a third party application. This value is
always 31.
Generic List
Block Length
uint32
Number of bytes in the Generic List data block,
including the list header and all encapsulated
User Product data blocks.
User Product
Data Blocks *
variable
User Product data blocks with a block type of 65
containing host input data. See
on page 554 for
a description of this data block.
Scan Result Data Block for 4.6.1 - 4.9.1.x Fields (Continued)
F
IELD
D
ATA
T
YPE
D
ESCRIPTION
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Scan Result Block Type (102)
Scan Result Block Length
User ID