It may be related to ExecShield (?) if that was in Redhat 9. Just be glad they do not use PaX
. The class of exploit you are trying to pull off ( or at least, the class of exploit it sounds like ) may still be fairly trivial depending on what other randomisation ExecShield incorporates and how much ( it does not appear to perform that much ).