FreeBSD Security Advisory FreeBSD-SA-02:33 - OpenSSL prior to v0.9.6e contains several remotely exploitable buffer overflows, including errors in the handling of the client master key in the SSL2 protocol implementation; the handling of the session ID in the SSL3 protocol; and in the handling of buffers used for representing integers in ASCII on 64-bit platforms. Disabling the SSL2 protocol in server applications should render server exploits harmless. There is no known workaround for client applications.
83bbc8a0b3d5053c48708c3bfd3faa3d4dc05476ff101ba705ac7e26925b6084