Mandrake Security Advisory MDVSA-2009:186 (firebird)

The remote host is missing an update to firebird announced via advisory MDVSA-2009:186.
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
A vulnerability has been found and corrected in firebird: src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that triggers an infinite loop or NULL pointer dereference (CVE-2009-2620). This update provides fixes for this vulnerability. Affected: Enterprise Server 5.0