Vulnerabilities Identified in Network Time Protocol Daemon (ntpd)

Original release date: November 21, 2016

The Network Time Foundation's NTP Project has released version ntp-4.2.8p9 to address multiple vulnerabilities in ntpd. Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition.

US-CERT encourages users and administrators to review Vulnerability Note VU#633847 and the NTP Security Notice Page for vulnerability and mitigation details.

This product is provided subject to this Notification and this Privacy & Use policy.