Pretty decent walk-through of this devestating vulnerability.
It is my understanding that this type of exploit would typically cause a server to crash (modern operating systems won't allow random memory access in this way), however in this case OpenSSL uses a custom memory allocation method for performance reasons. Still, surprising that the overflow isn't checked for, it's one of the most common sources of vulnerability.