The Network Time Foundation's NTP Project has released an update addressing multiple vulnerabilities in ntpd. Exploitation of these vulnerabilities may allow an attacker to conduct a man-in-the-middle attack or cause a denial of service condition.
Users and administrators are encouraged to review Vulnerability Note VU#374268 for more information and update to NTP 4.2.8p2 if necessary.
Please share your thoughts.
We recently updated our anonymous product survey; we'd welcome your feedback.