CVE-2009-2620

NameCVE-2009-2620
Descriptionsrc/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that triggers an infinite loop or NULL pointer dereference.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
Debian Bugs539477, 539478

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
firebird2.0sourcelenny2.0.4.13130-1.ds1-4+lenny1
firebird2.0source(unstable)2.0.5.13206-0.ds2-4low539477
firebird2.1source(unstable)2.1.2.18118-0.ds1-4low539478

Search for package or bug name: Reporting problems