Marsh Ray y Steve Dispensa han hecho pública la versión 1.1 del documento donde presentan un ataque MiTM basado en la renegociación TLS. En el comienzo del documento podemos leer:

There are three general attacks against HTTPS discussed here, each with slightly
different characteristics, all of which yield the same result: the attacker is able to
execute an HTTP transaction of his choice, authenticated by a legitimate user (the
victim of the MITM attack)

Esta versión del documento se ha traducido en un borrador de IETF:

Internet draft “Transport Layer Security (TLS) Renegotiation Indication Extension”

TLS [RFC5246] allows either the client or the server to initiate
   renegotiation--a new handshake which establishes new cryptographic
   parameters.  Unfortunately, although the new handshake is carried out
   over the protected channel established by the original handshake,
   there is no cryptographic connection between the two.  This creates
   the opportunity for an attack in which the attacker who can intercept
   a client's transport layer connection can inject traffic of his own
   as a prefix to the client's interaction with the server.
[...]
This attack can be prevented by cryptographically binding
   renegotiation handshakes to the enclosing TLS channel, thus allowing
   the server to differentiate renegotiation from initial negotiation,
   as well as preventing renegotiations from being spliced in between
   connections.  An attempt by an attacker to inject himself as
   described above will result in a mismatch of the extension and can

UPDATE:

Actualización para OpenSSL
Nov  5 17:20:01 2009 openssl-0.9.8l.tar.gz (MD5) (SHA1) (PGP sign)  [LATEST]

OpenSSL CHANGES
 _______________

 Changes between 0.9.8k and 0.9.8l  [5 Nov 2009]

  *) Disable renegotiation completely – this fixes a severe security
     problem (CVE-2009-3555) at the cost of breaking all
     renegotiation. Renegotiation can be re-enabled by setting
     SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at
     run-time. This is really not recommended unless you know what
     you’re doing.
     [Ben Laurie]

Más información en los siguientes enlaces

http://extendedsubset.com/?p=8
http://www.links.org/?p=780
http://sunbeltblog.blogspot.com/2009/11/man-in-middle-attack-uses-ssl.html
http://www.hispasec.com/unaaldia/4030
http://www2.packetstormsecurity.org/cgi-bin/search/search.cgi?searchvalue=renegotiating+tls
Prueba de concepto del ataque: http://packetstormsecurity.org/0911-exploits/ssl-mitm.c