CVE-2008-6737

Name of the Vulnerable Software and Affected Versions: Crysis versions 1.21 and earlier

Description: The issue allows remote attackers to obtain sensitive player information, such as real IP addresses, by sending a keyexchange packet without a previous join packet. This causes Crysis to send a disconnect packet that includes unrelated log information.

Recommendations: For Crysis versions 1.21 and earlier, as a temporary workaround, consider restricting access to the keyexchange packet handling function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.