"An attacker can exploit this issue to potentially execute arbitrary
code, trigger denial-of-service conditions, or bypass certificate
revocation list (CRL) checks, causing clients to accept expired or
invalid certificates from servers."
This affects GNU GnuTLS 1.2, specifically with RHEL4.
GnuTLS 1.2.1 fixes this vulnerability. It should also be noted that
32-bit systems are not affected by this issue.
Updates are available for RHEL4. Please update at your earliest