Snort can be buffer overflowed. About once a year, Snort gets a buffer overflow vulnerability. Any piece of additional software in a defense strategy has to be carefully considered (e.g. Snort, ...