US-CERT is aware of a local privilege escalation vulnerability in Symantec Endpoint Protection. This vulnerability affects all versions of Symantec Endpoint Protection Client 11.x and 12.x running Application and Device Control. Exploitation of this vulnerability may allow an attacker to gain full privileges on an affected system.
Read the full post at darknet.org.uk
A critical vulnerability in all recent versions of Samba could put users on the receiving end of attacks that allow hackers on the same local network to run programs with nearly unfettered administrative privileges.
Samba is an open source implementation of the file-sharing components of Microsoft Windows. Most Linux releases and a wide variety of other operating systems use Samba to handle file-sharing with Windows systems.
The newly discovered bug can be exploited by sending specially manipulated traffic to a vulnerable system. The remote code execution vulnerability resides in Samba's nmbd NetBIOS name service daemon and is the result of the daemon incorrectly handling certain memory operations. The bug was found and fixed by Volker Lendecke, a Samba Team member working for SerNet.