Project

General

Profile

Bug #2958

OsmoSGSN doesn't authenticate on second/further ATTACH REQUEST

Added by laforge 2 months ago. Updated 13 days ago.

Status:
New
Priority:
High
Assignee:
Category:
-
Target version:
-
Start date:
02/17/2018
Due date:
% Done:

0%

Spec Reference:

Description

When a new/unknown MS performs an ATTACH REQUEST for the first time, it is authenticated.

However, if that same MS later performs a second ATTACH REQUEST, even with new P-TMSI/TLLI, it is not authenticated and we simply send an ATTACH ACCEPT. This is a security problem, as it means anyone can impersonate other known-existing IMSIs.

20180216-sgsn-second-attach-no-auth.pcap (2.37 KB) laforge, 02/17/2018 05:29 PM

History

#1 Updated by laforge 13 days ago

  • Assignee changed from sysmocom to lynxis

Also available in: Atom PDF