There is a new, remotely exploitable vulnerability in OpenSSL that could enable an attacker to intercept and decrypt traffic between vulnerable clients and servers. The flaw affects all versions of the OpenSSL client and versions 1.0.1 and 1.2-beta1 of the server software. The vulnerability could only be exploited to decrypt traffic from a vulnerable client and a vulnerable server, and the attacker would need to have a man-in-the-middle position on a network in order to do so. Researchers who have looked at the vulnerable piece of code say that it appears to have existed, nearly unchanged, in the source since 1998.
Source: https://threatpost.com/new-openssl-mitm-flaw-affects-all-clients-some-server-versions/106470/