The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request with a sequence of "%" characters and a missing Host field.
https://exchange.xforce.ibmcloud.com/vulnerabilities/15187
http://monkeyd.sourceforge.net/