Buffer overflow on long HTTP HOST header. By using Syncookie it's possible to bypass packet filtering.
vulners.com/securityvulns/securityvulns:doc:2156
vulners.com/securityvulns/securityvulns:doc:2158
vulners.com/securityvulns/securityvulns:doc:2782