Under limited and specific circumstances an attacker can send a crafted
remote-configuration packet containing a NUL-byte to cause a vulnerable
ntpd instance to crash. This requires each of the following to be true:
ntpd set up to allow for remote configuration (not allowed by
default)
knowledge of the configuration password
access to a computer entrusted to perform remote configuration