<< DB2 Development Workbench | Home | IBM - Server Slowdown during transaction logging if flushing does not succeed >>

About

This is the blog of Mikkel Flindt Heisterberg about all things Lotus. More detailed info about me, incl. bio, can be found on the about me page.

I'm available for consulting work. E-mail me (see the about me page) for address.
Lotusphere 2012
Lotusphere 2011
Lotusphere 2010
Lotusphere 2009
Lotusphere 2008
Lotusphere 2007
Lotusphere 2006
Disclaimer, copyright and license info.

Donate to LotusScript.doc!

RSS | Atom | E-mail

Navigate

Categories | Tags | Advanced Search

Tags

Recent Blog Entries

IBM moving to electronic support only
Starting June 2012 customers are "requested" to start opening IBM Serbice Requests (SR) using the electronic support portal and from 2013 only electronic entry will be possible for severity 2, 3 and 4. This is in no way a surprise and makes IBM move ...
Joda Time comment
Ulrich Krause has an interesting post (Joda to the rescue) and I just had to comment on as I - probably to no surprise to many - work a lot with dates for the OnTime Suite. Ulrich is using the Joda Time library to compare two dates to see if they are on ...
Day in the Life presentation with Chris Crummey
Chris is an excellent presenter and I had the pleasure of seeing him present again at the keynote at BLUG. The video runs 12 minutes and it's an excellent overview of the IBM collaboration solutions.
Jason Fried: Why work doesn't happen at work
Excellent TED video on why work doesn't happen at work. "Jason Fried has a radical theory of working: that the office isn't a good place to do it. At TEDxMidwest, he lays out the main problems (call them the M&Ms) and offers three ...
Go the f*ck home!
Really loved this Ignite Talk with a very provocative title - Go the f*ck home! (link to video on YouTube) as it confirms something I'm a strong believer in - you do not get more done just because you spend more time at the office. The talk also points ...
AWS Marketplace
Just got word today that Amazon Web Services (AWS) is now offering a Marketplace (aws.amazon.com/mark...
Tag til brugergruppe i Norge
Kan du ikke deltage i Dannotes i starten af maj og/eller trænger du til at se nye mennesker eller få nye impulser så tag til den norske Notes brugergruppe LSBG d. 23. og 24. maj i Larvik. Jeg var deroppe sidste år og det er et ...
Amazon gives Google a run for its money with CloudSearch
I'm a big proponent of Amazon Web Services (AWS) so it came as no surprise when Amazon today announced its latest addition to the AWS family - AWS CloudSearch. "Amazon CloudSearch adds search capabilities for your website or application without the ...

Recent Responses

Re: IBM moving to electronic support only
While I have no problems with electronic submissions, it makes many assumptions about the expertise of the submitter, the availability of the electronic support system, the prior setup of the submitter to be properly provisioned to submit technical ...
Re: IBM moving to electronic support only
I guess they can find a better random answer generator than that :)
Re: IBM moving to electronic support only
Iimagine Watson will be answering the emails.
Re: IBM moving to electronic support only
Selling less for more hardly ever is a good thing, at least for the customer. I consider this a bad move but IBM is not alone. Customer service nowadays seems to be a perfect place for saving money. People need customer support when their product does ...
Re: Send/SMS...
Hi, div/div divYou may also check how to send sms from lotus notus with Ozeki NG SMS Gateway:/div divhttp://www.sms-in...
Re: Joda Time comment
Mikkel, That is very useful indeed! Thanks for sharing!
Re: Multiple SMTP relay hosts
Hi, Thank you very much, it is too useful.
Re: Go the f*ck home!
I agree with the overall conclusion, however I am fairly sure that the study could easily be improved. As I read the study it assumes that work hours are consequtive. Many studies over time have shown that the most effective / productive way of working is ...
Re: Jason Fried: Why work doesn't happen at work
He gets some good laughs, but Ican't sayI really agree with him....maybe I'm just weird. His take on meetings might work when you're building a web startup, but I can't imagine we'd get a space shuttle in the air without meetings and a common place for ...
Re: Show 'n Tell Thursday: SWT drag'n'drop in Notes 8.0.x and Notes 8.5 (19 February 2009)
I think you have to cast to the Person interface and not the implementation class btw.

Log me in using Google

Potential IBM Lotus Notes information leakage on port 1352

Andrew Christiansen contacted IBM® Lotus® to report a potential vulnerability 
in unauthenticated transactions using the Notes Remote Procedure Call (NRPC) 
protocol on port 1352. 
The advisory address is as follows:
http://www.fortconsult.net/artikler/advisories.php

The NRPC protocol uses an unauthenticated transaction to look up a user 
who is not yet authenticated so that the user can fetch their ID file during 
Notes® setup. This transaction is optionally used when a user is first 
registered or when a roaming user connects from a new client."

IBM Lotus Notes information leakage on port 1352 via the Lotus Domino Support RSS feed.

Tags : notes.ini, security, technote

Posted by Mikkel Flindt Heisterberg on 08 November 2006 22:53:39 CET #

November 2006
Mon	Tue	Wed	Thu	Fri	Sat	Sun
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30
Oct \| Today \| Dec

2012 May (3) April (8) March (8) February (12) January (3)	2011 December (11) November (1) October (13) September (7) August (8) July (7) June (8) May (13) April (1) March (7) February (4) January (5)
2010 December (10) November (7) October (13) September (10) August (18) July (11) June (16) May (12) April (11) March (14) February (12) January (9)	2009 December (17) November (12) October (20) September (3) August (17) July (12) June (15) May (6) April (19) March (14) February (23) January (25)
2008 December (24) November (14) October (10) September (15) August (18) July (12) June (14) May (26) April (22) March (32) February (29) January (37)	2007 December (17) November (24) October (20) September (23) August (20) July (9) June (17) May (24) April (12) March (8) February (18) January (33)
2006 December (13) November (29) October (32) September (22) August (30) July (18) June (47) May (33) April (43) March (28) February (28) January (20)	2005 December (14) November (19) October (11) September (13) August (24) July (22) April (9) March (14) February (10) January (3)
2004 December (13) November (6)

Re: Potential IBM Lotus Notes information leakage on port 1352 Comment from Anonymous on 23 May 2012 21:26:34 CEST #
Title
Body	HTML : b, strong, i, em, blockquote, br, p, pre, a href="", ul, ol, li, sub, sup
OpenID Login	(Not me?)
Name
E-mail address
Website
Remember me	Yes No
E-mail addresses are not publicly displayed, so please only leave your e-mail address if you would like to be notified when new comments are added to this blog entry (you can opt-out later).

Potential IBM Lotus Notes information leakage on port 1352

Re: Potential IBM Lotus Notes information leakage on port 1352