Now this is interesting, a Java RMI remote code execution due to a default method being exposed by the distributed garbage collector. It is going to be a fun one to test!
The Metasploit page can be found here:
Update: Confirmed as working. It does rely on the RMI service being tunneled over HTTP. This particular exploit won't work directly with the typical JRMP services, but I am sure a similar vulnerability will exist. Warrants further digging....