Fixing a broken BIND and then installing a backdoor is a much different kettle of fish than just writing a worm that fixes the bug and then walks away.
That said, I would agree completely that it's very legally dangerous. If it's not yours, don't mess with it!
As an academic matter, I think such a worm could end up being socially useful, if there are enough compromised machines and the people running them are sufficiently incompetent and those machines are being used against other people and you can be sure that your fix doesn't break something else and the machines just won't get re-compromised again next week. That's too many conditional clauses for me, but maybe someone else feels like taking one for the team.
That said, I would agree completely that it's very legally dangerous. If it's not yours, don't mess with it!
As an academic matter, I think such a worm could end up being socially useful, if there are enough compromised machines and the people running them are sufficiently incompetent and those machines are being used against other people and you can be sure that your fix doesn't break something else and the machines just won't get re-compromised again next week. That's too many conditional clauses for me, but maybe someone else feels like taking one for the team.
Legally: again, don't do it. It's not yours.