Cool whitepaper discussing the return into libc attacks used to bypass non-executable stacks.
You can download it from the following link: https://packetstormsecurity.com/files/download/38805/Return-to-libc.txt
Source: https://packetstormsecurity.com/files/38805/Return-to-libc.txt.html