Apple · Macos X Server · CVE-2010-0524
**Name of the Vulnerable Software and Affected Versions**
Apple Mac OS X Server versions prior to 10.6.3
**Description**
The issue concerns the default configuration of the FreeRADIUS server, which allows EAP-TLS authenticated connections based on an arbitrary client certificate. This enables remote attackers to gain network connectivity by sending a crafted RADIUS Access Request message.
**Recommendations**
For Apple Mac OS X Server versions prior to 10.6.3, update to version 10.6.3 or later to resolve the issue.