Vulnerability in NTP (ntpd)

Network Time Protocol (NTP) is a networking protocol for clock synchronization among computers and network devices. A denial of service vulnerability has been found in the popular NTP implementation ntpd.

The vulnerability is related to the handling of NTP control messages. An attacker could cause a denial of service condition in the ntpd service by sending it a specially crafted configuration message. Remote configuration is disabled by default in ntpd.

Vulnerability coordination

The vulnerability was discovered by Aleksis Kauppinen of the Codenomicon CROSS project. NCSC-FI would like to thank Codenomicon and the NTP project for participating in the vulnerability coordination.

  • Servers and server applications
  • Workstations and end-user applications
  • Network devices
  • Mobile communications systems
  • Embedded systems
  • Others


  • Servers and server applications
Further information +

Attack vector

  • Locally
Further information on the access vector +


  • Denial-of-service attack
Further information on the impact +


  • Software update patch
Further information on the remediation +

Vulnerable software:

  • NTP 4.2 before 4.2.8p3-RC1
  • NTP 4.3 before 4.3.25

Possible solutions and restrictive measures:

Upgrade the vulnerable software in accordance with instructions from the vendor or the operating system distributor.

Further information:

Contact Information

NCSC-FI Vulnerability Coordination can be contacted as follows:


Please quote the advisory reference [FICORA #829967] in the subject line.


+358 295 390 230

Monday - Friday 08:00 - 16:15 (EET: UTC+2)


Vulnerability Coordination


P.O. Box 313

FI-00181 Helsinki


NCSC-FI encourages those who wish to communicate via email to make use of our PGP key. The key is available at

The NCSC-FI vulnerability coordination policy is available at

Update history

Key words: Information security , Internet , CERT , Vulnerability coordination

LinkedIn Print


The Finnish Communications Regulatory Authority (FICORA)

The National Cyber Security Centre Finland (NCSC-FI)

Itämerenkatu 3 A

P.O. Box 313


Media contacts by telephone +358 295 390 248