I've cleaned IRC bots off of people's OS X installations. They had SSH turned on, with username/pw combos like "bob"/"bob", and public IP addresses.
But you really have to intentionally make multiple poor security choices for something like this to happen.
There are also quite a few remote code execution attacks against OS X - you can find details of these in Apple's security bulletin list:
http://support.apple.com/kb/HT1222