The ntpd(8) daemon is an implementation of the Network Time Protocol (NTP) used to synchronize the time of a computer system to a reference time source.
Problem description
If ntpd receives a mode 7 MODE_PRIVATE request or error response from a source address not listed in either a ‘restrict … noquery’ or a ‘restrict … ignore’ section it will log the even and send a mode 7 error response.
Impact
If an attacker can spoof such a packet from a source IP of an affected ntpd to the same or a different affected ntpd, the host(s) will endlessly send error responses to each other and log each event, consuming network bandwidth, CPU and possibly disk space.
Advisory
Original advisory and solution: FreeBSD-SA-10:02.ntpd