Information about the upcoming distrust of RapidSSL, GeoTrust, Thawte and Symantec certificates.
The attack is only possible against connections supporting SSLv2, a very old protocol from 1995. However, some systems still allow SSLv2 connections. To protect your server, you should disable SSLv2.
The vulnerability could potentially allow an attacker to generate a valid leaf certificate which OpenSSL would recognise as a CA.