Recursive calling vulnerability is the kind of attack seen on Friday 2016-06-17. The process is draining the ether contained in the DAO into a child DAO.
In essence, a call that looks like a regular call can easily be turned into a recursive call, and unless the application is coded very carefully, it can be used to make multiple withdrawals when only one should be allowed.