I think this exploit affects all Linux based servers running Nginx that haven't upgraded to 1.5.0. Passenger is using 1.4.2 which would mean that if you use Rails you are vulnerable. I'm not 100% sure, but neither is anyone else. A fresh install won't help for this hack as it's through the URL. You can see more in the github.com url about the exploit. I don't think the author of github knows the solution yet either.