Project

General

Profile

Bug #2958

OsmoSGSN doesn't authenticate on second/further ATTACH REQUEST

Added by laforge 5 months ago. Updated about 1 month ago.

Status:
Stalled
Priority:
High
Assignee:
Category:
-
Target version:
-
Start date:
02/17/2018
Due date:
% Done:

50%

Estimated time:
Spec Reference:
Tags:

Description

When a new/unknown MS performs an ATTACH REQUEST for the first time, it is authenticated.

However, if that same MS later performs a second ATTACH REQUEST, even with new P-TMSI/TLLI, it is not authenticated and we simply send an ATTACH ACCEPT. This is a security problem, as it means anyone can impersonate other known-existing IMSIs.


Related issues

Related to OsmoSGSN - Bug #3302: implement a FSM for GMM Attach RequestIn Progress2018-05-29

History

#1 Updated by laforge 3 months ago

  • Assignee changed from sysmocom to lynxis

#2 Updated by lynxis 3 months ago

  • Status changed from New to In Progress

#3 Updated by lynxis about 2 months ago

  • Status changed from In Progress to Stalled
  • % Done changed from 0 to 50

I've started to refactor the whole GMM Attach Request handling into one fsm.
This issue is already fixed in the new fsm implementation.
I've created the ttcn3 testcase

SGSN_Tests.TC_attach_second_attempt
for this.

#4 Updated by lynxis about 2 months ago

  • Related to Bug #3302: implement a FSM for GMM Attach Request added

#5 Updated by laforge about 2 months ago

  • Tags set to TTCN3

#6 Updated by lynxis about 1 month ago

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 48.8 MB)