Research the vulnerability and the signature. This isn't a DOS in the sense the it detects a flood of traffic. It detects the exploit, which results in a DOS. These are very likely false positives, but you should verify. If they are false positives, given that this is a 5 year old vulnerability...I would recommend just disabled/retiring the sig.