The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service via a crafted HTTP response or possibly a UPnP broadcast.