Some development shops like to separate their proprietary code base from third party or open source code.
Unfortunately, in some cases, it may: not be possible/difficult to do, there may be stronger justification not to do this or it just simply was not done at the beginning of the development cycle.
For those in the latter scenario, there are commercial products out there to avoid getting into hot water from a legal standpoint. Black Duck has a product called protexIP, which properly identifies open source and proprietary source. A full product review can be found here (ITWorldCanada).
Unfortunately, while its intentions are good, the product received a poor review and it was recommended that users wait for the product to mature.
While on the topic of searching through code, there are several free services out there (i.e. Google Code Search, Krugle, Koders, etc) that searches through source code on the net. There are also several plug-ins for various IDEs such as Eclipse or Visual Studio where people can directly search for source code. http://egcs.javaforge.com/ is an example in Eclipse.
Ironically, it is this same plug-in that may get the developer and his/her company in trouble. The free and do-it-yourself remedy would be to tap into an online service (i.e. Google Code Search Data API) and match on similar code. Unfortunately, since the code search indexes even sample code with no licenses, one can foresee some manual steps with the mashup model. Admittedly, this is a quick and dirty approach. Your legal team would not be happy about that. So what is the moral? Know your code and keep third party source separate.