Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a crafted packet. NOTE: some of these details are obtained from third party information.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0891)