This being the general (not just Mavericks) Server forum and the OP asking about OS X Server, I think a little more discussion is warranted.
The OP asked about Mavericks Server, which is not affected. OS X clients are not affected.
But up through OS X Server 10.8, Apple included an NTP Server as part of the Server OS. In 10.6 and 10.7, it was a nice checkbox in the GUI. In 10.8 you had to enable it via the command line. In 10.9 and beyond, it was removed as part of the server services.
So if you're running anything less than Server 10.9, you could indeed be running an NTP Server. If you are running it and you actually need it, you should disable it until you can figure out a way to patch it up to the latest version 4.2.8 that doesn't have this vulnerability. Otherwise just disable it. There is some discussion that the OS X (and other Linux) versions of ntpd aren't affected anyway because they don't use "autokey" functionality, but that's not confirmed so best to disable or patch it.
To see the version of ntpd that you're running, you can go to the Terminal and type "ntpd --version" (note the two hyphens, not just one, before the word "version"). As of Yosemite 10.10.1, you should see the response "ntpd - NTP daemon program - Ver. 4.2.6".