ntpd
is configured to allow remote configuration, and if the (possibly spoofed) source IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password or if ntpd
was (foolishly) configured to disable authentication, then an attacker can send a set of packets to ntpd
that may cause it to crash, with the hypothetical possibility of a small code injection.
ntpd
equires: ntpd
instances.