OpenSSL: denial of service, arbitrary code execution Vulnerability

Users of OpenSSL please be advised of a denial of service, arbitrary code execution vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (

USN-1018-1: [USN-1018-1] OpenSSL vulnerability
Details follow:

Rob Hulswit discovered a race condition in the OpenSSL TLS server

extension parsing code when used within a threaded server. A remote

attacker could trigger this flaw to cause a denial of service

or possibly execute arbitrary code with application privileges.