[stwe]

Yes, if they are implemented via hash tables and do not randomize their hash generation somehow. The talk at 28c3 specifically mentions PHP, Java, ASP.net, Python. Ruby is fine, but other variants of Ruby are apparently also vulnerable.

[jrockway]

Worth noting that this has been "fixed" in Perl since 5.8.1, released over 8 years ago.

http://perldoc.perl.org/perlsec.html#Algorithmic-Complexity-...

[astrodust]

Ruby 1.9 is fine, 1.8 has problems.

[FooBarWidget]

1.8 is also fixed.

[astrodust]

Go team! Good to know.

[dangrossman]

PHP already fixed this in the 5.3.9 and 5.4RC branches.