We ran a public NTP server for many years. Then, details hazy, but I think there was a UDP amplification vulnerability that was exploited which upset our transit provider so we took it down. Might be fun to try again though.
A fully-patched NTP server should be fine. A lot of tier-2 ISPs were treating their NTP servers as abandonware that never got updates, so they ended up being ripe for UDP amplification attacks, but that was a vulnerability in ancient software, not the protocol.