Wendel Guglielmetti Henrique and Steve Ocepek will demonstrate at the upcoming Black Hat Europe 2010 in Barcelona (14-15 April) how to steal credentials by downgrading authentication mechanisms as well as overtaking existing user sessions. They will also show their thicknet tool which will be available after the conference.
This sounds similar to Laszlo work on downgrading JDBC. But I had already a chance to review their presentation so I know it is different.
More information after their presentation.