The remote Debian host is missing a security-related update.
It was discovered that specific APL RR data could trigger an INSIST failure in apl_42.c and cause the BIND DNS server to exit, leading to a denial-of-service.
Upgrade the bind9 packages. For the oldstable distribution (wheezy), this problem has been fixed in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u9. For the stable distribution (jessie), this problem has been fixed in version 1:9.9.5.dfsg-9+deb8u5.