There are few cryptographic problems allow to analize sniffed traffic. There is a possibility of request spoofing. Some implementation problems allow to DoS server or to elevate priveges.
vulners.com/securityvulns/securityvulns:doc:2177
vulners.com/securityvulns/securityvulns:doc:2178
vulners.com/securityvulns/securityvulns:doc:2179
vulners.com/securityvulns/securityvulns:doc:2181