ya,

Buffer Overflows are an EXTREMELY high risk. Allowing a hacker to run anything...most just open a telnet service, or even set up a simple server...

However, this threat can be minimized by using different privileged accounts, so at least the exploit won't be able to run as root/admin.