Description
Apache Axis2 is installed on this application server. By accessing a specific URL (/services/listServices) it's possible to list all the available web services deployed in this server.
Remediation
If you don't want these services to be publicly available you need to restrict access to the /services/listServices URL.
References
Related Vulnerabilities
XOOPS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3822)
WordPress Plugin wp-FileManager Arbitrary File Disclosure (1.3.0)
WordPress Plugin DZS Video Gallery Information Disclosure (3.1.3)
WordPress Plugin Multi Plugin Installer Arbitrary File Disclosure (1.1.0)