When Vulnserver was originally released I did say at the time that I would release a tutorial that covers the process of bypassing DEP. That was of course just before I started in a new job and my blog posting regularity pretty much dropped off the cliff. Well the good news (for me, and for you too perhaps) is that now I don't have to write that tutorial, because someone else has already done it!
Check out the tutorial here. Ive only given it a quick skim so far, but based on what Ive seen it looks pretty good.
UPDATE 22/11/2013: Yeah, the link doesn't work any more, and I cant find any copies of this tutorial anywhere else on the web. I have my own DEP bypassing exploit for Vulnserver written, and a tutorial partly done, but its probably a while away from completion given all the stuff I have going on at the moment. If people are really keen to see a DEP bypass tutorial, let me know and if there's enough interest I might be motivated to get it done a bit sooner...
oledump: Extracting Embedded EXE From DOC
46 minutes ago