A large class of network attacks have involved TCP/IP protocol vulnerabilities -- they targeted flaws in TCP/IP protocols or bugs in TCP/IP implementations, rather than security vulnerabilities in specific TCP/IP services. Most of these have resulted in denial of service problems; a vulnerable host either loses the ability to communicate on the network or in the worst cases hangs or crashes. Some, however (particularly TCP spoofing) can have serious security implementations.
"Ping-flooding" is one of the simplest denial-of-service attacks; one generates a high volume of ICMP Echo Request ("ping") packets directed at a remote host and it normally feels obligated to answer each one with an ICMP Echo Reply, tying up network bandwidth in both directions. This can be exacerbated by using forged source addresses, making it harder for the target to determine the true source of the attack; the only effective way to find the source is to trace the bandwidth usage through upstream network links one hop at a time. "Smurfing" uses a forged source address of the target and a destination broadcast address of another network containing a large number of hosts, so each host in that network sends a reply back to the forged source. It has become highly deprecated to even allow hosts to answer pings directed at network broadcast addresses, and often routers are configured to filter broadcast addresses.
Another attack involving ICMP was the "ping-of-death"; this triggered a bug in many TCP/IP implementations when an ICMP packet of nearly 2^16 bytes was sent to a host, causing it to crash. Patches ensued for the OSes vulnerable to this problem that were still being actively maintained and supported.