Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header.
https://exchange.xforce.ibmcloud.com/vulnerabilities/5252
http://www-4.ibm.com/software/webservers/appserv/doc/v3022/fxpklst.htm#Security