TOC & Recently Viewed

Recently Viewed Topics

Network Client Detection

Match patterns that begin with the ^ symbol mean at least one line in the packet payload must begin with the following pattern. Match patterns that begin with the ! symbol indicate that the string must NOT match anything in the packet payload. In this case, the ! and ^ symbols are combined to indicate that NNM should not evaluate any packet whose payload contains a line starting with the pattern Received:.

The ^ is more expensive to evaluate than the > symbol. So, while both match patterns ^<pattern> and ><pattern> would find <pattern> at the beginning of a packet payload, the use of > is more desirable as it is less costly. Use ^ when looking for the occurrence of a string at the beginning of a line, but not at the beginning of the packet payload. In the latter case, use the > character instead.




name=Buffer overflow in multiple IMAP clients

description=The remote e-mail client is Mozilla 1.3 or 1.4a which is vulnerable to a boundary condition error whereby a malicious IMAP server may be able to crash or execute code on the client.

solution=Upgrade to either 1.3.1 or 1.4a





match=^User-Agent: Mozilla


regex=^User-Agent: Mozilla/.* \(.*rv:(1\.3|1\.4a)

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable,, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.., Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.