Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via malformed HTTP requests such as (1) a GET request without the HTTP version (HTTP/1.1), or (2) a request without GET or the HTTP version.
https://exchange.xforce.ibmcloud.com/vulnerabilities/14928
http://www.autistici.org/fdonato/advisory/tinyServer1.1%5B1.0.5%5D-adv.txt