I experienced this myself on a pwd protected listener. It resulted from users attempting to manage the listener locally and remotely without knowing the password. I took it as a good indication that security is working and left at that. Why is it an issue for you?
-- //www.freelists.org/webpage/oracle-l