A quick test if the webserver on my debian VPS is also vulnerable was successful.
But the proposed workaround works quite well for me.
Here are the steps, that I did to prevent my own apache webserver from being exploited (default apache2 installation debian squeeze):
RequestHeader unset Range
host seems vuln
ATTACKING 126.96.36.199 [using 50 forks]
Host does not seem vulnerable
GREAT! Simply trick, but works fine.