Level 0 - remote format string with information leak
Level 1 - trivial stack overflow
Level 2 - write a pop3 server to trigger a vulnerability in some pop3 client library found during auditing
Level 3 - Level3 is a blast from the past, with not much details and a sstriped binary!
Level 4 - PHP heap vulnerability