Cobalt RaQ4 Remote Root Exploit
The self contained, easy to set up Cobalt RAQ server appliance now maintained by Sun Microsystems is vulnerable to a remote root exploit which ironically affects the SHP (security hardening package). Grazer released the advisory along with an exploit on i-security.nl. A patch for the problem is available for download.
I guess that's why I use FreeBSD