CVE-2009-2620

Name	CVE-2009-2620
Description	src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that triggers an infinite loop or NULL pointer dereference.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs	539477, 539478

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Debian Bugs
firebird2.0	source	lenny	2.0.4.13130-1.ds1-4+lenny1
firebird2.0	source	(unstable)	2.0.5.13206-0.ds2-4	low	539477
firebird2.1	source	(unstable)	2.1.2.18118-0.ds1-4	low	539478