The UNIX community started CERT because there were so many holes in Unix/Linux that they needed a clearinghouse. One of the most notorious bugs or should I say series of bugs allowing hackers to take superuser control of the unix box occured in the sendmail program. Sendmail runs as root on unix boxes. When you connect to a unix box port 25 the unix box runs sendmail and it gets your keystrokes. If you knew how you could send sets of data to sendmail that would crash it. When sendmail crashed it left you logged in as root, which, sendmail runs as. So there you are logged in as root to a unix box because of a bug in sendmail.
you hear a lot of these 'stack' bugs on unix machines but it's only windows that really has security problems.