The OpenSSL Heartbleed Bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL Software – http://filippo.io/Heartbleed/ is a web based test
Basically an attacker can grab 64K of memory from a server. The attack leaves no trace and can be done multiple times to grab a different random 64K of memory. This means that anything in memory – SSL private keys, user keys, anything – is vulnerable