[原文]Small HTTP Server 2.03 and earlier allows remote attackers to cause a denial of service by repeatedly requesting a URL that references a directory that does not contain an index.html file, which consumes memory that is not released after the request is completed.
source : http://www.securityfocus.com/bid/1941/info
Small HTTP Server is a full service web server. This utility is less than 30Kb and requires minimal system resources.
Small HTTP Server is subject to a denial of service. When making an http request without a filename specified the server will attempt to locate index.html in that particular directory, if index.html does not exist the server will utilize a large amount of system memory . If numerous http requests, again structured without a filename, are sent to the web server, an attacker could cause the server to consume all system memory. A restart of the application is required in order to gain normal functionality.