## NCPA 2.4.0 on Windows Server 2016 Exposed to SSL/TLS Renegotiation DoS Vulnerability (CVE-2011-1473, CVE-2011-5094)
A critical denial-of-service (DoS) vulnerability, dormant for over a decade, has been detected in a modern enterprise monitoring setup. A scan of a Windows Server 2016 system running Nagios Cross-Platform Agent (NCPA) version 2.4.0 flagged the presence of CVE-2011-1473 and CVE-2011-5094. These flaws, which affect the SSL/TLS service, indicate that the server's encrypted communication layer is vulnerable to exploitation. The detection result specifically shows that the service successfully completed 10 TLSv1.2 handshake renegotiations over a single existing connection, confirming the system's susceptibility.

The core of the vulnerability lies in the service's failure to properly restrict client-initiated renegotiation. This allows a remote attacker to repeatedly request new SSL/TLS handshakes within one established connection. Each renegotiation consumes significant CPU resources on the server. By automating this process to perform 'many renegotiations,' an attacker could exhaust server CPU capacity, leading to a service outage and a classic resource consumption DoS attack. The affected component is not the Windows Server OS itself, but the specific SSL/TLS service implementation used by NCPA or its underlying libraries.

This finding exposes a significant operational security gap where legacy cryptographic vulnerabilities persist in contemporary infrastructure. The prescribed solution is a vendor-provided patch, but the bulletin notes a more drastic general mitigation: completely disabling renegotiation capabilities in the affected service. For system administrators, this creates immediate pressure to identify all instances of NCPA 2.4.0 (and potentially other services using vulnerable SSL/TLS stacks), assess the risk of disabling a standard TLS feature versus applying a patch, and coordinate with vendors for a specific fix to close this attack vector before it can be weaponized.
---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: Cybersecurity, Vulnerability, Windows Server, TLS, Denial of Service
- **Credibility**: unverified
- **Published**: 2026-04-07 20:27:16
- **ID**: 53728
- **URL**: https://whisperx.ai/en/intel/53728