Vulnerabilities Identified in Network Time Protocol Daemon (ntpd)

Original release date: April 08, 2015

The Network Time Foundation’s NTP Project has released an update addressing multiple vulnerabilities in ntpd. Exploitation of these vulnerabilities may allow an attacker to conduct a man-in-the-middle attack or cause a denial of service condition.

Users and administrators are encouraged to review Vulnerability Note VU#374268 for more information and update to NTP 4.2.8p2 if necessary.


This product is provided subject to this Notification and this Privacy & Use policy.

Source: US-CERT