No, for MD5, SHA-1, or one of the SHA-2 candidates, there are no hash values out of range. The output of cryptographic hashes is guaranteed to be indistinguishable from random ones. However, if you create a value of the same size as, for example, SHA-256 (32 bytes), which is not yet a known hash, then you are guaranteed that no one else will generate the same value. It could even be 32 bytes for all zeros. There are endless messages that will generate the hash value that you have chosen, the bottom line is that it cannot be found.
If someone can generate a hash that has the same meaning, then they can generate a collision. If a collision can be generated, the cryptographic hash is considered broken. MD5 has collisions and considered broken. There were no collisions for SHA-1 yet, but the amount of work required to create one is lower than expected for a hash with 160-bit output and is probably already within reach. Neither MD5 nor SHA1 are currently broken so that you can generate any random hash value, but attacks are only improving, not worse.
Thus, in the end, you'd better choose SHA-256 or SHA-512 for this particular purpose. Note that although you can only use the X leftmost bytes of output, you should use at least 160 bits or so to be sure that there is no conflict - for non-broken hash algorithms, the size of the output determines the probability of collisions.