The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not "disguise passwords" in configuration files, which has unknown impact and attack vectors.
https://exchange.xforce.ibmcloud.com/vulnerabilities/64690
http://www.vupen.com/english/advisories/2011/0076
http://secunia.com/advisories/42877
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html