Cisco Cisco Firepower Management Center 4000 Guia Do Programador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
329
Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Chapter 4
The
Scan Vulnerability Data Block Fields
table describes the fields of the Scan
Vulnerability data block.
Bugtraq ID
List Block Type (11)
List Block Length
Integer Data Blocks (Bugtraq IDs)...
CVE ID
List Block Type (11)
List Block Length
CVE ID...
Scan Vulnerability Data Block Fields
F
IELD
D
ATA
T
YPE
D
ESCRIPTION
Scan
Vulnerability
Block Type
uint32
Initiates a Scan Vulnerability data block. This
value is always 109.
Scan
Vulnerability
Block Length
uint32
Number of bytes in the Scan Vulnerability data
block, including eight bytes for the scan
vulnerability block type and length fields, plus the
number of bytes of scan vulnerability data that
follows.
Port
uint16
Port used by the sub-server affected by the
vulnerability.
Protocol
uint16
IANA protocol number or Ethertype. This is
handled differently for Transport and Network
layer protocols.
Transport layer protocols are identified by the
Transport layer protocols are identified by the
IANA protocol number. For example:
•
6 — TCP
•
17 — UDP
Network layer protocols are identified by the
decimal form of the IEEE Registration Authority
Ethertype. For example:
•
2048 — IP
String Block
Type
uint32
Initiates a String data block for the ID.