Interesting blog entry that discusses how a glibc alloca()-based memory corruption vulnerability allowed for code execution.
You can download it from the following link: https://packetstormsecurity.com/files/download/98720/glibc-accident.txt
Source: https://packetstormsecurity.com/files/98720/glibc-alloca-Memory-Corruption.html