This weblog is no longer being maintained. All information here has been ported to EclecticEchoes.com. This site (heupel.com/eclectic) remains only for archival purposes.
A new CERT® advisory was issue yesterday CA-2003-26.
This advisory is for multiple vulnerabilities in for SSL / TLS protocol implementations. Primarily occuring in ASN.1 parsing code. Possible impact ranges from DOS to allowing attacker to execute arbitrary code.
Be sure to visit the advisory for specific vendor solutions.