You can have a super secure server , however, if the applications your building on it have vulnerabilities , you are vulnerable to attacks.
Some of the most common exploits are listed over here:
en.wikipedia.org/wiki/Exploit_%28computer_security%29 (copy/paste link in browser adress)
Remember to disable register_globals , validate your input , whitelist users that can modify important files and so on.
Anyone can contribute with tips on software/application security , since this is what the thread is for!

Sorry for bringing up an old post, but I just wanted to provide my own feedback on this threat. I started studying for the CISSP exam and one of the key points that I learned is that application security is of paramount importance. More than 85% of security flaws are located on applications. Security professionals should consume most of their effort to build secure applications rather than building up security in networks (with firewalls, IPS etc). Ofcourse network security is very crucial as well, but what I say is that application and software protection is more important.

My two cents.