A network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection.