NULLhttpd version 0.5.1 and below is vulnerable to a remote denial of service attack that utilizes 100% of the CPU and consumes any unused memory.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/31696/nullhttpd.dos.txt
Source: https://packetstormsecurity.com/files/31696/nullhttpd.dos.txt.html