Apache // mystery files named "1" showing secure details

[vmos2]

Hello, we've got a whole bunch of servers running debian sarge, etch, lenny and ubuntu lucid

Just today we've noticed some files in some sites on many servers called 1, just "1"

a few of these are viewable via websites and the show things that should probably not be shown. Some show crontabs, some show htaccess files and things.

I've tried googling but "1" doesn't exactly narrow down the search results. I'm inclined to think it's some feature of apache that we haven't disabled

Has anyone seen this or know where they might be coming from?


/edit Mystery solved

If you edit a file in VI and then do wq! to save but don't hold shift properly, this enters wq1 which saves the contents of the file you're editing in another file called 1

FFS