Avast WEBforum

Consumer Products => Avast Mac Security => Topic started by: Cards Fan in SoCal on November 21, 2016, 11:45:24 PM

Title: JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932
Post by: Cards Fan in SoCal on November 21, 2016, 11:45:24 PM

Originally posted on Worms and Viruses board, but posting here now, as it is a collection of mac networks.



My Netflix account has been compromised, we reset the password, and it was compromised again the next day.  The person at Netflix is concerned that the hackers are able to view our emails or getting info from our home computer network.

Using Avast, the Home Network Security Scan, complains about my router: Netgear Nighthawk 1900 having Vulnerability ID:
CVE-2015-0932, which says "User input can be executed as a command"

Looking at the Netgear user community, there was a thread from last month showing that this is a false positive.

Using the Full System Scan, it found a JS:Includer-BOC[Trj] file in the firefox downloads of one of the users on one laptop in the home network.  Another laptop on the network is scanning clean.  The third laptop on the network does not have Avast yet, and I am working on that.

How concerned should I be about these issues Avast has reported?
Title: Re: JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932
Post by: Eddy on November 22, 2016, 12:04:38 AM
If you lookup the CVE, you will see that it is not a false threat.
Title: Re: JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932
Post by: Cards Fan in SoCal on November 22, 2016, 06:49:35 AM
So what steps do I take with the CVE issue?  Do I need a new router?
Title: Re: JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932
Post by: Eddy on November 22, 2016, 11:40:09 AM
With routers the insecurity almost always comes through issues with the firmware.
First thing to do is checking if there is a newer version and if there is install it.
Title: Re: JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932
Post by: Cards Fan in SoCal on November 23, 2016, 12:29:00 AM
Firmware is already up to the latest version.
Title: Re: JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932
Post by: tumic on November 23, 2016, 12:07:49 PM
Does it still show up with the latest VPS? This false-positive should be AFAIK fixed.
Title: Re: JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932
Post by: Cards Fan in SoCal on November 23, 2016, 06:59:29 PM
The router Vulnerability is now gone.  Thanks.
Title: Re: JS:Includer-BOC[Trj] and Vulnerability ID: CVE-2015-0932
Post by: TED123 on November 24, 2016, 08:46:43 PM
Download the latest firmware from your  router manufacture, re flash it even if it is the same version. Then change your email password and change your Netflix password. Clear browser history and cookies after every password change. Do this all in one sitting. Is there another PC or computers on your network??? If so, first check those out for malware before you change everything.