This vulnerability affects the BIND DNS server. Some versions of BIND fail to properly validate NXT records. This improper validation could allow an intruder to overflow a buffer and execute arbitrary code with the privileges of the name server (usually root). NXT record support was introduced in BIND version 8.2. Prior versions of BIND, including 4.x, are not vulnerable to this problem.
ISC, BIND, 8.2.1
ISC, BIND, 8.2
Attackers can execute arbitrary code with the privileges of the BIND process.
Update to BIND version 8.2.2 or newer.