A vulnerability was reported in Ntpd. A remote user can cause denial of service conditions on the target system.
A remote user with knowledge of a symmetric association between two hosts can periodically send a specially crafted packet to one host of the symmetric association to cause both hosts to fail to synchronize.
Systems that are configured to use symmetric key authentication are affected.
Miroslav Lichvar of Red Hat reported this vulnerability.
A remote user can cause two hosts of a symmetric association to fail to synchronize.
The vendor has issued a fix (4.2.8p2, 4.3.14).