Credit: drraid
Last November, drraid demonstrated the exploitation of a server-side bug in Asterisk, which really liked putting HTTP request buffers all over its stack. He used multiple threads to disclose memory and control EIP despite the PIE ASLR protections in the Linux kernel.