Tiny Server 1.1.9 and earlier allows remote attackers to cause a denial of service (crash) via a long string in a GET request without an HTTP version number.Referenceshttp://www.exploit-db.com/exploits/18524https://exchange.xforce.ibmcloud.com/vulnerabilities/73482
