This great video by Andreas Kling shows how exploitation on systems without ASLR (or an improper implementation) makes exploitation of user-land programs easy. Exploit code can re-use hardcoded addresses. Later exploits can copy/paste addresses en masse.