I don't really care about os wars but I must make some comments.
BSD has its problems, compatibility and mind share being the major ones. I will grant you that OpenBSD is reasonably secure out of the box but they only audit kernel code and are just as vulnerable as any other os for their non core code. Some programs are just not easy to use under BSD due to differences in libs
Debian isn't a panacea for anything. If you run anyones stock distribution, you shouldn't call yourself a sysadmin and better hire someone who can compile a new one with whatever patches you need.
Any distribution that uses loadable modules must be fixed to run without the ability to insert code into the kernel (this includes Debian).
Debian is just as vulnerable as any other distribution to any Linux kernel problems. They use a different packaging system and in many cases older versions of software that are "stable". I think you can find many exploits for Debian as well as Mandrake, Suse and all the other distributions.
The bottom line is: Either learn security or hire someone who knows it no matter what OS you use.
