Check Point Reference: | SBP-2010-36 |
Date Published: | 30 Dec 2010 |
Severity: | High |
Last Updated: | Friday 01 January, 2010 |
Source: | IPS Research Center |
Protection Provided by: | |
Who is Vulnerable? | Citrix ICA |
Vulnerability Description | Independent Computing Architecture (ICA) is a proprietary protocol for an application server system, designed by Citrix Systems. The protocol lays down a specification for passing data between server and clients. ICA is broadly similar in purpose to window servers such as the X Window System. It also provides for the feedback of user input from the client to the server, and a variety of means for the server to send graphical output, as well as other media such as audio, from the running application to the client. |
Vulnerability Details | The seamless windows feature gives a better user experience in the Citrix ICA client by making the application seem more as though it were running locally. In seamless window mode, session sharing takes place, and multiple applications can be opened on the same connection. From a security perspective, seamless windows are less secure: because the session negotiations for all but the first application are encrypted, IPS cannot properly inspect the Citrix ICA connection. In a non-seamless window, the session negotiation for the application at the start of the connection is unencrypted, which means that SmartDefense is able to inspect the connection. Note that session sharing is enabled by default on the Citrix ICA server. |