It never ceases to amaze me to find legacy Citrix implementations out there, but it happens (often).
A common mis-conception in years past was that Citrix was a secure remote access solution. Although more current versions of the architecture may indeed be more secure, it is certainly no replacement for a true secure remote access solution, such as IPSec or SSL VPNs.
At any rate, while auditing a client recently, I ran across a legacy implementation of Citrix (again), and thought it worth posting about should anyone stumble upon this site.
It is a great reference for legacy versions of Citrix, and I will be having an in-depth conversation with my client about this in the days to come.
A more recent reference to hacking Citrix is from GNUCITIZEN and can be found here