Snort is "an open source network intrusion detection (IDS) and prevention system (IPS). In addition to being available as a package for most Unix operating system distributions, various commercial hardware devices also use Snort as an IDS/IPS". Remote exploitation of a design error vulnerability in Snort, as included in various vendors' operating system distributions, could allow an attacker to bypass filter rules.

http://www.securiteam.com/securitynews/5XP0O0AOAC.html