RE: breakout of citrix

[Nathaniel Hall <halln () otc edu>]

I had the same breakout problem.  Luckily, I saw your e-mail in time for 
a security audit we are beginning at the end of the month.  I will keep 
the list posted on how the issue is fixed.

Nathaniel Hall
Intrusion Detection and Firewall Technician
Ozarks Technical Community College -- Office of Computer Networking

halln () otc edu
417-799-0552



Depp, Dennis M. wrote:

> Can you tell me what version of Citrix you are running and what version
> of the client?  I was unable to reproduce this with Metaframe
> Presentation Server 3.0 and the Java 8.0 client.  You might check the
> version of the Citrix client you are running.  The current Widnows
> version is 8.0.  My WYSE terminals shipped with version 7.1 of the ICA
> client.  There is a download available to upgrade to the version 8
> client.
>
> Dennis
>
>  
>
> > -----Original Message-----
> > From: Kenzo [mailto:kenzo_chin () hotmail com] 
> > Sent: Tuesday, October 19, 2004 12:51 PM
> > To: security-basics () securityfocus com
> > Subject: breakout of citrix
> >
> > I was wondering if anyone has seen this and if there is a fix 
> > for this.
> > basically this is what's happening.
> > We have a test citrix environment serving couple apps.
> > The clients can either connect using the windows ica client 
> > or thru a WYSE
> > terminal.
> > In both case the same thing happens.
> > One particular app that we provide is MS word.
> > I discovered that if you insert a link into the work document 
> > such as "c:\"
> > and click on it.
> > Citrix freaks out, then gives you the desktop of the citrix server.
> > From there you can do access what ever programs you want.
> >
> > Any ideas on how to fix this??
> >
> > Thanks.
> >
> >