Lotus Domino server 5.0.9a and earlier allows remote attackers to cause a denial of service by exhausting the number of working threads via a large number of HTTP requests for (1) an MS-DOS device name and (2) an MS-DOS device name with a large number of characters appended to the device name.
http://www.securityfocus.com/bid/4020
http://www.securityfocus.com/bid/4019
http://www.securityfocus.com/archive/1/253830
http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0037.html