GHOST (CVE-2015-0235) just popped up.
"GHOST bug: is there a simple way to test if my system is secure?" deals with how to find out if your system is vulnerable.
exim is mentioned specifically.
Apparently OpenSSH is vulnerable but attacks can easily be prevented:
In the meantime, you can implement immediate limited threat mitigation by disabling reverse DNS checks in all your public-facing services. For example, you can disable reverse DNS checks in SSH by setting
UseDNS no
in /etc/ssh/sshd_config.
Which other common server software open to the outside world is vulnerable to this attack? Varnish, Apache, nginx? And are there quick workarounds like with OpenSSH?
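One way to audit the UseDNS mitigation quoted above, as an added example that is not part of the original post. The function name usedns_state and the sample file are constructed for illustration. It assumes the setting lives in the one file it is given (Include directives are not followed); "unset" means the sshd build default applies, which is yes on OpenSSH releases before 6.8.

```shell
#!/bin/sh
# Added example: report the global UseDNS value in an sshd_config-style file.
# Prints "no", "yes" (or whatever value is set), or "unset" if the directive
# is absent from the global section.
usedns_state() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }       # skip comments and blank lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)            # drop leading whitespace
            sub(/[ \t]*=[ \t]*/, " ", line)     # accept the "UseDNS=no" form
            split(line, f, /[ \t]+/)
            key = tolower(f[1])                 # keywords are case-insensitive
            if (key == "match") exit            # global section ends at first Match
            if (key == "usedns") {
                val = tolower(f[2]); gsub(/"/, "", val)
                print val; found = 1; exit      # first occurrence wins in sshd
            }
        }
        END { if (!found) print "unset" }
    ' "$1"
}

# Returns 0 only when reverse DNS checks are explicitly disabled.
usedns_disabled() {
    [ "$(usedns_state "$1")" = "no" ]
}

# Constructed sample input so the script runs offline.
sample=$(mktemp)
printf '%s\n' '# constructed sample' 'Port 22' '#UseDNS yes' 'UseDNS no' > "$sample"
if usedns_disabled "$sample"; then
    echo "UseDNS explicitly disabled"
else
    echo "UseDNS is $(usedns_state "$sample"): reverse DNS checks may be active"
fi
rm -f "$sample"
```

On a live host, point the function at /etc/ssh/sshd_config and reload sshd after changing the setting.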