MS05-019 and specifically the CAN-2005-0048 issue (not yet up on the MITRE site but I guess it will be soon) looks troublesome. I think the ISC puts it pretty well.

"Incomplete validation of IP Network Packets" is how Microsoft describes this vulnerability. The end result could be remote execution of code.
According the the MS article, it seems likely that anything trying to use this exploit will most likely make the victim's computer fall over, but that's just according to Microsoft. Vulnerable systems appear to be NT 4.0, Windows 2000, Windows XP (pre-SP2). There are patches available for 2000 & XP but Microsoft's attitude to NT users is basically telling them to contact MS for a patch, presumably one that they will have to pay for. Nice one, Micro$oft.

A mitigating factor is the fact that most routers don't forward this type of malformed packet, but that might still leave a LAN vulnerable if a PC on the local network is running this sort of attack.

Since we've seen viruses now that use this kind of thing as a payload, it seems to me that it's quite possible that the thing can cruise past your firewall in an emailed ZIP file or some such and then attempt to compromise the entire LAN using this vulnerability.

Or am I just being paranoid?