The remote host is vulnerable to multiple remote overflows
The remote BIND server is vulnerable to three different vulnerabilities : 1) The remote BIND server, based on its version number, if running recursive DNS functionality, is vulnerable to a buffer overflow. 2) The remote BIND server is vulnerable to a denial of service (crash) via SIG RR elements with invalid expiry times. 3) The remote BIND server is vulnerable to a denial of service. When a DNS lookup is requested on a non-existant sub-domain of a valid domain and an OPT resource record with a large UDP payload is attached, the server may fail.
Upgrade to BIND 8.3.4 or newer