Andrew Christiansen contacted IBM® Lotus® to report a potential vulnerability in unauthenticated transactions using the Notes Remote Procedure Call (NRPC) protocol on port 1352. The advisory address is as follows: http://www.fortconsult.net/artikler/advisories.php The NRPC protocol uses an unauthenticated transaction to look up a user who is not yet authenticated so that the user can fetch their ID file during Notes® setup. This transaction is optionally used when a user is first registered or when a roaming user connects from a new client."
IBM Lotus Notes information leakage on port 1352 via the Lotus Domino Support RSS feed.